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Abstract 

Constructor-Based Conditional Rewriting Logic is a general frame- 
work for integrating first-order functional and logic programming which 
gives an algebraic semantics for non-deterministic functional-logic pro- 
grams. In the context of this formalism, we introduce a simple notion 
of program module as an open program which can be extended together 
with several mechanisms to combine them. These mechanisms are based 
on a reduced set of operations. However, the high expressiveness of these 
operations enable us to model typical constructs for program modulariza- 
tion like hiding, export /import, genericity/instantiation, and inheritance 
in a simple way. We also deal with the semantic aspects of the proposal 
by introducing an immediate consequence operator, and studying several 
alternative semantics for a program module, based on this operator, in 
the line of logic programming: the operator itself, its least fixpoint (the 
least model of the module), the set of its pre-fixpoints (term models of the 
module), and some other variations in order to find a compositional and 
fully abstract semantics wrt the set of operations and a natural notion of 
observability. 

Keywords: Functional-Logic Programming, Modules, Compositionality, 
Full Abstraction, Semantics. 

1 Introduction 

Constructor-Based Conditional Rewriting Logic (CRWL)[|, presented in 0, is 
a quite general approach to declarative programming that combines (first-order) 
functional and logic paradigms by means of the notion of (possibly) non deter- 
ministic lazy function. The basic idea is that both relations and deterministic 
lazy functions are particular cases of non-deterministic lazy functions. This 
approach retains the advantages of deterministic functions while adding the 
possibility of modeling non-deterministic functions by means of non- confluent 

1 CRWL must not be confused with the Rewriting Logic proposed in [n9| as a unifying logical 
framework for concurrency. CRWL is a particular logic for dealing witn indeterminism. 
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constructor-based term rewriting systems, where a given term may be rewritten 
to constructor terms (possibly with variables) in more than one way. Here a 
fundamental notion is that of joinability: two terms a, b are joinable iff they 
can be rewritten to a common — but not necessarily unique — constructor term. 
In Q , CRWL is introduced with two equivalent proof calculi that govern de- 
duction in this logic, an algebraic semantics for programs (theories) based on 
a freely generated model, and an operational semantics, based on a lazy nar- 
rowing calculus for solving goals, that is sound and complete wrt the algebraic 
semantics. 

Modularity is a central issue in all programming paradigms motivated by 
the need of mastering the complexity inherent in large programs. Modularity 
related with algebraic specifications (which, to some extent, can be viewed as 
a sort of first-order functional programming) has been extensively studied and 
all specification languages are extended for dealing with modules. In this field, 
a typical module consists of a body, an export interface, a list of imports and, 
possibly, a list of formal parameters, and typical operations with modules have 
to do with setting up hierarchical relationships between modules as the union of 
modules (with some constraints) and the application of a parameterized module 
to an actual module, and their semantics are given from a category-theoretic 
point of view [2?| . Nevertheless, there are other studies of modularity p6| 

with more flexible sets of operations semantically defined by means of operations 
on the sets of models, and also studies where modularity has been tackled with 
the tools of algebraic specifications as Q where an axiomatic specification is 
given for an algebra of non-parameterized modules and it is proved that each 
expression can be reduced to another one with, at most, an occurrence of the 
export (hiding) operator, and Q where a constructive specification is given 
for an algebra of parameterized modules (without hiding) in Maude, and each 
expression is reduced to a flat module. 

In the logic programming field, modularity has been the objective of different 
proposals — see [|| for a survey about the subject — which basically have followed 
two different guidelines. One, focused on programming-in-the-large, extends 
logic programming with modular constructs as a meta-linguistic mechanism 
[0 and gives semantics to modules with the aid of the immediate consequence 
operator. And the other one, focused on programming-in-the-small, enriches the 
theory of Horn clauses with new logical connectives for dealing with modules 
[ po| . In the first line, there is the work || where an algebra of logic programs is 
studied. This algebra is based on three basic operations (union, intersection and 
encapsulation) defined at the semantic level and then translate to the syntactic 
level. It is proved that each program expression is equivalent to a, possibly 
infinite, flat program, and also a transformation is defined for mapping program 
expressions into finite programs by introducing system generated predicates and 
adding a hidden part to each program. Notions of module hiding some predicates 
and module importation are built up with the aid of the basic operations. 

On the other hand, in functional-logic programming we do not know any 
study of modularity semantically well founded. With this paper we have tried 
to contribute to filling this gap at least in the CRWL context. In this context, 
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we deal with data constructors, as in logic programming, and functions denned 
by conditional rewrite rules, instead of predicates defined by Horn clauses, and 
we have proved (see section 3.2) that an operator, similar to the immediate 
consequence operator of logic programs, can be defined to each CRWL-program 
and its least fixpoint coincides with the freely generated term-model given in 
[ p"4[ . All this has motivated our decision of developing a study of programs 
structuring and modularity in CRWL, based on a meta-linguistic mechanism, 
similar to the one which appears in J5|. However we have defined an algebra 
of program modules based on a different set of operations (union, deletion of a 
signature of function symbols, closure wrt a signature and renaming) defined at 
the syntactical level in such a way that each program expression can be reduced 
to a, possibly infinite, flat program. With these operations we can model as 
well as notions of module which hides some functions and module importation, 
module parameterization, instantiation and inheritance with overriding. Also, 
we have introduced a notion of protected signature labeling symbols with module 
expressions, which allows to define structured modules and a representation 
morphism that maps each program expression into a finite structured module. 
We use protected signature, not only for hiding functions as is done in || for 
predicates, but also for hiding data constructors. 

An important aspect to be considered when a language is extended for mod- 
ular programming is the sound integration of the behavior of the modular oper- 
ations into the semantics of the language. The compositionality of the semantics 
of a programming language is particularly relevant when modularity is involved. 
In fact, one of the most critical aspects in modular systems is the possibility of 
making a separate compilation of modules, and this can only be made in the 
presence of this property. On the other hand, full abstraction measures the im- 
plementation details of the semantics of a programming language. A non-fully 
abstract semantics makes the intended meaning of a program to include non 
relevant aspects, which do not depend on the behavior of the program but on a 
particular "implementation" . In some sense, full abstraction can be seen as the 
complementary property of compositionality, and the adequacy of a semantics 
is established when both full abstraction and compositionality are obtained. In 
H , the semantics of a program is given by its immediate consequence operator 
which captures the information concerning possible compositions, this seman- 
tics is compositional by construction and it is proved that also is fully abstract 
wrt a notion of observable behavior given by the success sets of programs (least 
fixpoints of their immediate consequence operators). In CRWL-programming, 
the semantics given by the immediate consequence operator is compositional 
but not fully abstract when we take the freely generated term-model as observ- 
able behavior. For this reason, we study several alternative semantics to find 
one that is compositional and fully abstract. 

We are confident that our work could serve as a reference to other studies of 
modularity in functional-logic programming, and, although we are focused on 
the modular aspects of the semantics, the results obtained in this paper, as well 
as the study of a wide range of other issues concerning semantics, makes the 
current work also relevant from a purely semantic point of view, in the context 
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of rewriting logic-based programming languages. The approach to modularity 
in CRWL-programming, that we present here, substantially extends a previ- 
ous one in with a more elaborate notion of program module and a new 
operation (renaming) that makes clear the difference between importation and 
instantiation, and a more recent one p2| with the notions of structured module 
and module representation that allows to express closed modules by means of a 
finite number of rules and also to deal with local constructor symbols. 

The paper is organized as follows: In the next section we introduce the basic 
features of the CRWL approach to functional-logic programming and its model- 
theoretic semantics — for a detailed presentation we refer to jl4j . In Section || 
we introduce an immediate consequence operator T-ji, for each CRWL-program 
1Z, and a fixpoint semantics that matches the free term- model M.n proposed 
in [0. In Section [| we define a notion of (plain) module together with a 
reduced set of operations on program modules, and we express some modular 
constructions with these operations. In Section || we give the T-semantics that 
characterizes the meaning of a CRWL-program when we consider composition of 
programs and prove that this semantics is compositional but not fully abstract 
wrt the set of operations, taking Ai-ji as the observable behavior of a program 
1Z. In Section |^ we introduce a fully abstract semantics by denoting a program 
module with the set of all its consistent term-models (pre-fixpoints of Tn); but 
this semantics is not compositional for the deletion of a signature. In Section ^, 
we obtain a compositional and fully abstract semantics as an indexed family of 
sets of consistent term-models for single function. In Section §L we introduce the 
notion of structured module as a finite representation of expressions made up 
from finite plain modules that allows the hiding of constructor symbols. Finally 
we present a discussion and some conclusions. 



2 CRWL for Declarative Programming 

2.1 Signatures, terms and formulas 

A signature with constructors is a pair E = (DSs, FSs), where DSs and FSs 
are countable disjoint sets of strings h/n with n £ N. Each c such that c/n £ 
DSy, is a constructor symbol with arity n and each / such that f/n<E FSs 
is a (defined) function symbol with arity n. The set of all constructor symbols 
and the set of all function symbols with arity n are denoted by DS£ and FSQ, 
respectively. Given a signature (with constructors) E and a set V of variable 
symbols, disjoint from all of the sets DSQ and FS£, we define T,-terms as 
follows: each symbol in V and each symbol in DS% U FS% is a E-term, and for 
each h G DS£ UFS£ and t%, . . . , t n terms, h(t\, . . . , t n ) is a term. Terms is the 
set of all E-terms and CTerms the subset of those E-terms (called constructor 
terms) built up only with symbols in DSt: and V. In order to cope with partial 
definition we add a new 0-arity constructor _!_ to each signature E obtaining 
an extended signature Y,±_ whose terms are called partial Yi-terms. When the 
signature E is clear, we will omit explicit mention of it, and we will write 
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Term and CTerm (or Term^ and CTermi for respectively. Following 
the approach to non-determinism in Jl7| we only consider C- substitutions 9: V — > 
CTerm. These mappings have natural extensions 6: Term — > Term, also noted 
as 6, defined in the usual way, and the result of applying 9 to the term t is 
written t9. Analogously, we define partial C- substitutions as mappings 9: V — > 
CTermi. The set of all C-substitutions (partial C-substitutions) is written 
CSubst (CSubstjJ. 

A signature morphism p: £ — > £' from a signature £ = (DSs, FSs) to a 
signature £' = (DSz> , FSs>) consists of two mappings, that we denote with the 
same symbol p:DS^ — ► DSw and p:FSs — > FS^i, that map strings /i/n into 
strings By abuse of notation we will denote hi = p(h). This allows us to 

define a mapping p: Terms 1 — * Termj;/ i as follows: 

p(h) = def h, for heVU{±}U DS^ U FS° ; 

p(h(t)) = def p(h)(p(tx), . . ., P (t n )), for heDS^U FS£,n > 0. 

We will consider signature morphisms p: £ — > S such that p{h/n) = h/n for 
every string h/n in DS^.- Such morphisms will be called function symbol re- 
namings. 

Given a signature S and a set V of variable symbols, there are two kinds of 
atomic CRWL-formulas for a,b G Termj_, reduction statements a — > 6, with the 
intended meaning "a can be reduced to 6," and joinability statements a X 6, with 
the intended meaning "a and & can be reduced to a common value in CTerm" . 
Terms t G CTerm are intended to represent totally defined values whereas 
terms t G CTermi represent partially defined values — to model the behav- 
ior of non-strict functions. Reduction statements a — > t with t G CTermi, 
called approximation statements, have the intended meaning that t approxi- 
mates a possible value of a, whereas a — > t with t G CTerm have the intended 
meaning that t represents a possible value of a — an expression may denote sev- 
eral values capturing the behavior of non-deterministic functions. Substitutions 
9 G CSubst^ and signature morphisms p: S — > £' apply to formulas in the 
obvious way. 

2.2 Programs and formal derivation 

A CRWL-program is a CRWL-theory 1Z defined as a signature S together with 
a set of conditional rewrite rules of the general form 

/(*) -> r <= C, 

where f(t) is the left hand side (lhs), r the right hand side (rhs), C the condition 
of the rule, / is a function symbol with arity n > 0, and C consists of finitely 
many (possibly zero) joinability statements between fully defined terms (with 
no occurrence of _L). When n > 0, t is a linear n-tuple (i.e., without repeated 
variables) of fully defined constructor terms ti G CTerm. When n — rules 
take the simpler form / — > r <= C. Formal derivation of CRWL-statements 
from a given program 1Z is governed by two equivalent calculi (see pi). We 
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present here the so-called Goal-Oriented Proof Calculus (GPC) which focuses 
on top-down proofs of reduction and joinability statements: 

(Bo) e — * _L, for e £ Termx; 

(RR) e^e, for e G V U DS° ; 

(DS) 61 ^ i j-'-- e "-^ t " i forceflS"ande„t 1 eTerm 1 ; 

c(e) -» c(t) 

(OR) ei ^ tl --- e "7'" ° ^\ ifl/f^r^ClelRUand^l; 
a t T 

(Jo) , if t £ CTerm and a, 6 e Term ± ; 

a M 6 

where = {(i -> r <= C)6 \ (I -> r 4= C) G ft, 6» G CSubst ± } is the 
set of possibly partial constructor instances of rewrite rules and C-substitutions 
apply to rules in the obvious way. Rule (Bo) shows that a CRWL-reduction is 
related to the idea of approximation, and rule (OR) states that only constructor 
instances of rewrite rules are allowed in this calculus reflecting the so-called 
"call-time-choice" [|l7) for non-determinism (values of arguments for functions 
are chosen before the call is made). When a reduction or joinability statement 
(f is derivable from a program 1Z we write 1Z \~crwl f and we say that tp is 
provable in 1Z. Goals for a program TZ are finite conjunctions of atomic formulas, 
and solutions are C-substitutions that make goals derivable. In a sound and 
complete lazy narrowing calculus for goal-solving can be found. 



2.3 CRWL- Algebras and models 

We interpret CRWL-programs over algebraic structures consisting of posets with 
bottom as carriers (i.e., sets D with a partial order and a least element 
-Ld), whose elements are thought of as finite approximations of possibly infi- 
nite values in the poset's ideal completion |2q] , and monotonic mappings from 
elements to cones (non-empty subsets of a poset with bottom, downclosed wrt 
the partial order of the poset) as function symbol denotations reflecting possible 
non-determinism. Such a mapping /:£>—> C(E) — where D, E are posets with 
bottom, and C{E) is the set of cones of E — can be extended to a monotonic 

mapping /: C(D) -> C(E), defined by f(C) = de f {Jv.ec f( u ) and also noted / b y 
abuse of notation. In particular, deterministic function symbols are represented 
by mappings /:£>—> 1(E) computing directed cones or ideals (i.e., cones C such 
that for all x,y G C there exists z G C with x C z and y C z) where 1(E) is 
the set of ideals of E. These mappings become continuous mappings between 
algebraic epos after performing the ideal completion (for a comprehensive ex- 
position of these notions we refer to (lj). These ideas are behind the notion of 
CRWL-algebra. 

Given a signature E and a set V of variable symbols, a CRWL-algebra of sig- 
nature S is an algebraic structure A = (Aa, {c A } ce rjs s , {f A }f£FS s ) where the 
carrier Dj± is a poset with bottom _L^, f A is a monotonic mapping — > C(D_a) 
for each / G FS£ and c A is a monotonic mapping D\ — > l(Dj±) for each 
c G Both f A and c A reduce to cones when n = 0. In order to ensure 
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preservation of finite and maximal elements in the ideal completion, we require 
for all ui, . . . ,u n € Da that there exists v € Dj± such that c A {u\, . . . , u n ) = (v), 
where (v) is the ideal generated by v (i.e., the set {d G D_\ \ d C v}), and if all 
Ui are maximal (totally defined) then v must also be maximal. The class of all 
CRWL-algebras of signature S is denoted by Alg s . We are specially interested 
in CRWL-term algebras, which are CRWL-algebras with carrier CTermx, or- 
dered by the approximation ordering "C," defined as the least partial ordering 
satisfying the following properties: 

(a) LCt, V£eCTerm ± ; 

(b) c(s) C c(t) if Si C t i: i = l,...,n, for c G DS£,n > 0; 

and fixed interpretation for constructor symbols: c A = (c), for all c G DS^, and 
c A (t) = (c(t)), for all c S -DS^ and n > 0. Therefore, two CRWL-term algebras 
of the same signature X will only differ in their interpretations for the function 
symbols of S. As a consequence of the above definition, for s,i 6 CTerm^, 
s C i implies s = _L or s — c(s) and t — c(t) for some c S -DS^ and n > with 
each component E ij. Also, for s,te CTermj_, 

sCf \~CRWL t — > S. (1) 

It can be proved, by induction, that every G CSubst^ is a monotonic mapping 
from CTerm_i_ to CTermj_, that is: s C t s9 C for all s,t£ CTerm^. 

A valuation over a structure .4 G Alg s is any mapping ry: V —* I?^. ?7 is 
totally defined when ?7(X) is maximal for all X G V. Val(.4) is the set of all 
valuations over A and DefVal(.4) the set of all totally defined valuations. Given 
a valuation r\ we can evaluate each partial S-term in A as follows: 

def (-Ua), 

def (r?P0>, VleV; 

def c A , VceDS°UFS°; 

def h A {le l ]] A ,...le n ]] A ) 1 VheDS^UFS^nX). 

In this way each partial S-term is evaluated to a cone. For each CRWL-algebra 
A, every r\ G Val(.4), and e G Termi, the following properties are proved in 

B 

l. M A eC(D A ). 

2- I e IL 6l(-D^), if e is only built from deterministic functions (i.e., function 
symbols interpreted by ideal valued functions). 

3- I e IL = i v ) f° r some v G D^, if e G CTerm^. Moreover, when e G 
CTerm and n G DefVal(„4), v is maximal. 

4. (Substitution Lemma) [[e#]]^ = [[e]j , for 6 G CSubst^, where p is the 

uniquely determined valuation that satisfies (p(X)) = [[A#]]^, for all X G 
V. 
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From these results and taking into account that each substitution is equivalent to 
a valuation over any CRWL-term algebra, we have the following complementary 
results for term algebras: 

Proposition 2.1 For each CRWL-term algebra A and every r\ G Val(.4) we 

have: 

1. [[t]]^ = (tr]) for every t 6 CTermj_; 

2. lh(t)f^ = h A (tr)) for all h G DS% U FS£, n > 0, and t u ...,t n G 
CTerm ± ; 

tt e ^]]^ = tt 6 ]]^, f or a M e e Term_L and 9 G CSubst^ , where On represents 
the function composition rj o 9. 

Proof. 

(1) is easily proved by induction on the structure oft and (2) follows from (1). By 
the Substitution Lemma, [[e6>]]^ =[[e]] for a valuation p uniquely determined 

by the condition (p(X)) = [[X9]}^,\/X G V, and by (1), lX6\* = (X0r)); then 
p = 9r\ and we obtain (3). □ 
Models in CRWL are introduced from the following notion of satisfiability: 

• A satisfies a reduction statement a — > b under a valuation r/ G Val(D^i), 
or^K ; («-fc),iff[[a]]^[[6]]^. 

• A satisfies a joinability statement a X b under a valuation r/ G Val(Z?./i), 
or A 1=7, (a ixi 6), iff [[a] (~l [[6]] r) contains a maximal element in D^. 

• A satisfies a rule l~>r<=C, or A\= (I — > r <= C), iff A |= r) C implies A \= 
(I — > r), for every valuation r/ G ~Val(D^). 

• A is a model of a program 1Z, i.e., A (= 7Z, iff ,4 satisfies all rules in TZ. 

CRWL-provability is sound and complete wrt this model-theoretic semantics 
when we consider totally defined valuations only. In juj is proved that for any 
program TZ and any approximation or joinability statement tp, 

TZ \-crwl <p A\= v <p, for every A model of 1Z and rj G DefVal(D^). (2) 

This result is achieved with the help of a CRWL-term algebra Mn characterized 
by the following interpretation for any defined function symbol / G FS£, n > 0, 

f Mn (f) =def {r G CTerm ± | 1Z V C kwl /(*) -» r}. 

M.-R. is such that 7Z \~crwl V Mil Hid f f° r an y approximation or 

joinability statement ip. According to this result, M-r is taken as the canonical 
model of the program 7Z. Also in E^j it is proved that this model is freely 
generated by V in the category of all models of 1Z. This is the model-theoretical 
semantics of the program 1Z. 
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Given a signature E and a function symbol renaming p: E — ► E, for each 
CRWL-term algebra .4 = (CTerm^, {c A } c eDS S i {f A } f£FS s ) of this signature 
we can define another CRWL-term algebra 

A p = (CTev m± ,{c A ?} ceDSs ,{f Ap }f£Fs s ) 

such that f Ap — p{f) A - The relation between evaluation and satisfaction in A 
and evaluation and satisfaction in A p is stated by the following proposition. 

Proposition 2.2 Given a signature E, for every CRWL-term algebra A of this 
signature, every function symbol renaming p: E — > E, and aZZ £ CSubst^, we 

1. (p(t))0 = p(t9), for all t £ Term_L. 
«■ = M^, V a " * G Term ± . 

5. 4 (=e p(^) -4 P iy9, /or any reduction or joinability statement (p. 
Proof. 

The two first statements can be proved by induction over the structure of t, 
whereas the third one is directly derived from (2). 

□ 

3 Fixpoint Semantics 

In this section we will prove, for every CRWL-program 1Z, that Ai-jz is the least 
fixpoint of an operator defined over CRWL-term algebras. The approach we use 
here is similar to that applied in the field of logic programming . However, 
the notion of interpretation, and the corresponding mathematical aspects, have 
to be reformulated in the context of CRWL-term algebras. This approach has 
been also used in Jl^ | in the context of a previous formalism to model functional- 
logic programming. However, this work does not deal with some relevant aspects 
(e.g., non-determinism) of the CRWL-programming version we are considering 
here. 

3.1 The lattice of all CRWL-term algebras 

Let TAlg s be the set of all CRWL-term algebras of a signature E associated 
to a CRWL-program 1Z. We can define the relationship A C B between two 
algebras A,BG TAlg s in the following way: 

A 'OB <^ def for each / e FS*g and n > 0, f A (T) C f B (t), 

when n = 0, f A C f B . This relationship is obviously a partial ordering and 
(TAlg s , C) is a poset. This poset has a bottom J_s and a top Ts characterized 
by the following interpretations, for each / 6 F5g and n > 0, 

f^{t) = def (_L), 
/ Te (<) =def CTerm ± . 
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Given a subset S C TAlg s , the following definitions 

f uS Ct) =<Uf lU e s f A Ct), 

f nS (t) =def CiAes f A ®> 
for each / G F5g and n > 0, characterize two CRWL-term algebras, US and 
nS respectively, because the union and intersection of any number of cones are 
cones also, and the resulting functions in the above definitions are obviously 
monotonic if f A is monotonic for all A £ S. Clearly, US and I I S are the least 
upper bound and the greatest lower bound of S, respectively. So, (TAlg s , U) 
is a complete lattice. 

Valuations (substitutions) of terms in term algebras can be considered con- 
tinuous mappings from algebras to cones in the sense given by the following 
lemma. 

Lemma 3.1 (Continuity of valuations in TAlg s ) For each term e £ Term^ 
and each substitution 9 £ CSubstj^ 

1. AQB [[ ejf C [[ e ]]g , for A,B £ TAlg s . 

[[e]]e D = LU eD l e l£> f or al1 directed subsets D C TAlg s . 
Proof. 

The first statement is proved by induction on the structure of e. If e £ {_L} U 
V U DS^ then [efljf does not depend on the particular term algebra A and 
l e le ^Nle- Else ' if e G FS%, A^B implies e A C e B and then \e\f C[e]f. 
Finally, if e = h(e) with h £ DS£UFS£ and n > 0, assuming [[ e, ]\f C [[ e, flf , for 
j = 1, . . . , n, as the induction hypothesis, for every t £ [[e]]jf we have t G /^(i) 
for some i, G [[ ej fljf , which implies t £ h B (t) with ti £ [[ ]]g as a consequence of 
ylCB and the induction hypothesis. Thus, we get t G [[e]] e , and consequently 

To prove the second statement we only need to prove the following inclusion 
[[ e ]]e D — U^gD II e ]]<f because the inclusion in the other way is trivially derived 
from the first statement. We also proceed by induction on e. If e £ {±.}\JVLiDS^ 
then, as [[e]]jf does not depend on A, [[e]]g D = [[e]]^ for all A £ D. Else, if 
e G FS% then[[e]]g D = e uD and, by definition, e uD = U^ eD e A - So, in all these 
cases, [[e]]g D = LUgd!^]^- Finally, if e = h(e) with h £ DS£UFS£ and n > 0, 
assuming [[ ]]g D C U^eD II e * Iffi * = ^ ■ ■ • > n i as ^ ne induction hypothesis, for 
every i G [[e]]g D we have i G /i uD (i) for some ij G [[ei]]^ 13 , i = 1, . . . ,n. By 
definition h ur> (t) = {J AeD h A (t) an ^ from this and the induction hypothesis 
we can deduce t £ h A " (t) with ti £ [[ e,- L ]\ At , for some Ao, A\, . . . , A n £ D. Since 
D is directed, there exists A £ D, such that Ai Q A, i = 0, 1, . . . , n, and so 
t £ h A (t) with t t £ leilf, which implies t £ \e\f and [[e]]^ D C LU eD Uie ■ 
□ 

Another interesting result relates satisfiability of joinability statements in 
the least upper bound of a directed set of term algebras with satisfiability in, 
at least, one of the algebras of the set. 
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Lemma 3.2 Let C be a finite set of joinability statements and D a directed 
subset of TAlg s , then UD \=g C implies that there exists A G D such that 
A\=gC. 

Proof. 

It is sufficient to prove that this lemma holds when C reduces to one join- 
ability statement r M s, because with more statements we shall obtain al- 
gebras Ai, . . . ,A n , one for each joinability statement, and the upper bound 
U{^4i, . . . , A n } will satisfy all joinability statements in C. By definition, UD 
r \x s implies that there exists a totally defined term t 6 [[r]]g D n[[s]]g D and 



by lemma |4 t G [[r]]g D t G [r if 1 for some ^gD and t G ^s]]g D => t G 



s \g 2 f° r some A 6 D. By the first statement of lemma |3.l|, considering A G D 



such that Ai t= A, i = 1, 2, we have a term algebra such that t S [[r]] e n[[s]]^ 
and consequently A \=e r ix s. □ 



3.2 The algebra transformer associated with a program 

Given a CRWL-program 1Z, with a signature S, we can define an algebra trans- 
former 77j:TAlg s — > TAlg E , similar to the immediate consequences operator 
used in logic programming, by fixing the interpretation of each function symbol 
/ G FSQ, in a transformed algebra T-ji(A), as the result of one step applications 
of reduction statements corresponding to instances — not necessarily ground — 
of those rules of 7Z, defining /, satisfied in A. We formalize this idea defining, 
for each / G FS%, n>0, 

f w) (t) = def {t | 3(f(s) - r <= C) g [R] ± , Si C tiM )=« C,t6[rli}U{l}, 

that is basically a union of cones [[r]L d . This definition corresponds to a mono- 
tonic mapping because all rule instances (/(s) — > r -4= C) G [7£]j_, applica- 
ble to arguments t' are also applicable to arguments t such that t\ Q U, for 
i = 1, . . . ,n, and so the corresponding interpretation characterizes a CRWL- 
term algebra. From this definition of Tn we can derive the continuity of the 
operator in TAlg s . 

Proposition 3.3 For each program 1Z its associated operator T-ji is continuous. 
Proof. 

T-r. is monotonic. Given A, B G TAlg s such that A C B, A ^id C B \=id C 
for every set C of joinability statements, and by Lemma |3~l|, [[e]]^ C [[e]]^ 
for every term e; hence, every rule instance (/(s) — > r <= C) G [7£]j_ applica- 
ble to obtain f 7 ^^ (t) also will be applicable to obtain f Tjl ( B \t), and there- 
fore Tji(A) E Tjz(B). Ttz is continuous. For every directed set D C TAlg s , 
T n (\JD) C U{7^(.4)|.A G D} because each rule instance (f(s) —> r 4= C) G 
[7£]_L that is applicable to obtain / Tre ^ UD ''(t), by Lemmas |3.1| and |3.2| , is also 
applicable to obtain LLgd Z^^C*); and this expression is / u { r ^(-^TP eD >(Z). 
The inclusion in the other way is trivial. □ 
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Thus, T-ji has a least fixpoint J--jz given by UA-ji (that is also the least pre- 
fixpoint), where A-ji is the chain of CRWL-term algebras Ai,i G N, such that 



A = ± s E . . . E A+i = Tn(Ai) E ••■ 

JF TC is also denoted as 7^."(±s) (see Q). In order to prove that Tn coincides 
with M.-R. we need two lemmata, one characterizing the set of term models and 
other relating CRWL-provability with A-r. satisfiability. 

Lemma 3.4 (Model characterization) Given a program TZ, M. is a term 
model for TZ iff T n {M) E M 

Proof. 

First, we will prove that T-ji(M) C M for each term model M.. Let us consider 
f r ^ M )(t) for / S FS%, n > 0, with all U e CTerm ± . If there exists a rule 
instance (f(s) — > r C) G [7£]j_ with 7- ^ _L, Sj E ij, and (=id C then as 



M is a model of TZ, [[r]]^ C [[/(s)]]^ 1 . By Proposition y (2), [[/(s)C 



n .M 



/ M (S), and by f M monotonic, /^(s) C f M (t), and[[r]]^ C f M {t). Thus, 
fT n {M)^ q f M (t), and consequently T n (M) E X. For / G FS*£ the proof is 
similar but somewhat simpler. 

Now we will prove that every term algebra M. such that Tn(M) E M 
is a model for TZ. Given a rule (f(t) -* r C) 6 K, for G CSubstx 



such that .M \=id CO, or equivalently jW [=» C (by Proposition 2.1 (3)), we 
can consider f Tn ^ M '(t9), and because of the instance (f(t) — > r <= C)0 G 
[ft]_L we have [r6>]]^ C f T ^ M ^(i6). By hypothesis, f r ^ M ^6) C /^(tfl); by 
Proposition |1] (3), [[r0]]^ = [[r]]^; and by Proposition |I] (2), f M {W) = 

If®]?; thus > IMC ^ !/(*) C which is M N /(*) r, and M satisfies the 
rule /(£) ^r^C. □ 

Lemma 3.5 Given e G Termj_ and t G CTerm^, we have 

TZ ^crwl e^t =*> A e — > i, /or some A G A K . 

Proof. 

As Tti(UA-jz) = UA-ji, by the model characterization lemma, UAn will be a 
model of TZ. Thus, by equivalence (|J), TZ ^crwl e — » t implies LiA-ji \=id 



e — > £ or (t) C [e]]^ A ' R that is equivalent to t G [[e]]^ Aw - By lemma 3.1 

Mid^ = lUeAje]]^ > so there wil1 be an A such that t G [e]]^ ! that 
means At ^id e — ► t. □ 
From the above results we obtain the following proposition. 

Proposition 3.6 For every program TZ, Ai-jz is the least fixpoint (and the least 
pre-fixpoint) ofT-jz. 

Proof. 

First we can prove UAr E -M-r., from Aq E M-r, %i(Mtz) E M-n (because 
M-r is a model of TZ) and the continuity of Tr that assures Ai E -M-r. for all 
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i. Now we can prove that Mn C UA-r, by proving, for each / 6 FSg, that 
f Mn -(t) C / uAK (t), for t x ,...,t n e CTermi, and this inclusion is proved by 
reasoning with elements. By definition, t E f M ' R (t) is equivalent to 1Z \~crwl 



f(t) — > i and, by Lemma 3.5, this implies A; f(t) — » <, for some .A, S A-r.. 
Taking into account that, by Proposition 2.1 (2) [[/(T)]]^* = we obtain 



t e f A '{t) and t e f uA ^(t). □ 
Thus, if we consider the meaning of a program 1Z as the least fixpoint of 
its associated transformer 7^,, then this fixpoint semantics coincides with the 
model-theoretic semantics as it happens in logic programming. In fact, this 
semantics would correspond to the C-semantics in jllj]. 

Definition 3.7 (Least model semantics) For each program 1Z we define its 
least model semantics as: {[ TZ ]} iM —def M TZ ■ 



4 An Algebra of CRWL-Program Modules 

For designing large programs it is convenient to separate the whole task into 
subtasks of manageable size and construct programs in a structured fashion 
by combining and modifying smaller programs. This idea has been extended 
to many programming languages giving rise to different notions of program 
module, each one being attached to a programming paradigm. In CRWL- 
programming we are going to follow an approach close to that developed in 
[^| for logic programming, where modules are open programs in the sense that 
function definitions in a module can be completed with definitions for the same 
functions in other modules. We will consider a global signature with bottom 
'E± = (DSj: ± , FSs ± ) and a countable set V of variable symbols and will con- 
struct modules and module expressions with symbols of these sets. T,± and 
V will characterize the environment where modules are written. Also we will 
consider all constructor symbols in DS^ ± common to all program modules as 
it is usual in other proposals of modularity for declarative programming, like 
H where compositionality and full abstraction are dealt with. With this 
decision we give up any possibility of data abstraction and the only contribution 
of a program module to the environment will be a set of (definition) rules for 
a subsignature of function symbols. We will take this subsignature to denote 
the exportable resources of the module, and the set of rules as its body. In a 
program module, function symbols may appear — in the rhs of a rule — with 
no definition rule in this module. Although it may be assumed that all func- 
tion symbols are defined in each program module by assuming an implicit rule 
f(t) — > _L for each function symbol / with no definition rule, these symbols will 
be assumed to be provided by other modules and they will be taken to denote 
the resources that have to be imported. They will be the parameters of the 
module. From these considerations we propose the following definition for the 
notion of module in CRWL-programming 

Definition 4.1 (Module) A module in CRWL-programming is a tuple < a pi a ei TZ > 
where 
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• 1Z is a set of program rules f(t) — > r <= C fr ^ 1J, 

• a e is the (exported) signature of function symbols with a definition rule in 

n, 

• o~ p is the (parameter) signature of those function symbols with no definition 
rule in 1Z that appear in any rule (i.e., they are invoked but not defined). 

1Z is the body of the module and (a p , a e ) its interface. The interface of a module 
could be inferred from its body if one knows which are the constructor symbols. 
However, as we consider all constructor symbols common to all program mod- 
ules, we do not include an explicit declaration of these symbols in any module 
and have to make explicit parameter signatures in order to distinguish between 
function and constructor symbols. In this way, every symbol not occurring in 
a e nor u p will be a constructor symbol. Next, we have an example of a module 
definition. 

Example 4.2 This example shows a module for constructing ordered lists of 
natural numbers with functions for inserting elements, checking the type of an 
element, and compare natural numbers. 

OrdNatList = 

< {}, '/, Parameter signature 

{isnat/1, leq/2, insert/2}, '/, Exported signature 

{ isnat(zero) -> true. 

isnat (succ (X) ) -> isnat(X). 

leq(zero,zero) -> true. 

leq(zero , succ (X) ) -> isnat(X). 

leq(succ(X) ,zero) -> false <= isnat(X) >< true. 

leq(succ(X) ,succ(Y)) -> leq(X.Y). 

insert (X,[]) -> [X] <= isnat(X) >< true, 

insert (X, [Y I Ys] ) -> [X|[Y|Ys]] <=leq(X,Y) Xtrue. 

insert (X, [Y I Ys] ) -> [Y I insert (X,Ys)] <= leq(X,Y) >< false. }> 

In this module the parameter signature is empty, and symbols like zero/0, 
succ/1, [] /0, [_ I _] II with no definition rule are considered constructor sym- 
bols, because they are not included in the parameter signature (and obviously 
because they occur in arguments of left hand sides). 

We write PMod(£jJ for the class of all program modules which can be 
defined with a signature SubSig(S^) for the set of all subsignatures of a 
signature £j_, and Prg(£j_) for the class of all sets of rules (programs) which 
can be defined with Sj_. On PMod(Si) we define three projections: 

• par: PMod(Si) — > SubSig(S^) such that par(< a p , a e ,TZ >) = cr p , 

• exp: PMod(Si) — > SubSig(S^) such that exp(< a p ,a e ,TZ >) = a e , and 

• rl:PMod(Si) -> Prg(£ ± ) such that rl(< a pi a ei K>) = K, 

which give respectively the parameter signature, the exported signature, and 
the body of a module. 
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4.1 Basic Operations on Modules 

In this section we present a set of basic operations with modules that allows 
us to express typical features of modularization techniques such as informa- 
tion hiding/abstraction, import/export relationships and inheritance related to 
function symbols as is done in || , but our set of operations is different and we 
give syntactic definitions for it. We use three operations: union of programs, 
closure wrt a signature and deletion of a signature, that are sufficient to express 
the most extended ways of composing modules and their relationships, and we 
do not need the intersection of programs, used in H to model hiding, because 
we directly deal with signatures in the closure. In order to give more flexibility 
in expressing importation and instantiation, we also include a renaming opera- 
tion. We define our operations in such a way that all module expressions can 
be reduced to a flat module < a p ,o e ,lZ > — where 1Z could be an infinite set of 
rules. This is something like a presentation semantics p6fl . 

First we define the union of two modules as the module obtained as the 
simple union of signatures and rules. 

Definition 4.3 (Union) Given two modules V\ =< a p ,a\,TZi > and V2 =< 
(Tp,f7g,7?.2 >, their union is defined as the module: 

Pi U V 2 =def< {0} U o*) \ (al U <7g ), a\ U <%,H X U K 2 > . 

Each argument in this operation is considered an open program that can be 
extended or completed with the other argument possibly with additional rules 
for its exported function symbols. 

Example 4.4 Let us consider the following module with a junction to give 
change for an amount of money. Values for coins are provided by the non- 
deterministic function coin/0, whereas getcoin/1 gives different possibilities 
to get a coin for a fixed amount. Finally, the function change/1 returns a list 
with the coins corresponding to the change. In this example, we are assuming 
a predefined arithmetic with the usual notation for natural numbers. This was 
not the case in Example 4 



MoneyChange = 

< {_=<_/2, _-_/2>, 

{coin/0 , getcoin/1 , change/ 1} , 

{ coin -> 1. coin -> 5. coin -> 10. 

getcoin(N) -> C <= coin >< C, C =< N >< true, 
change (0) -> [] . 

change(N) -> [C I change (N-C)] <= getcoin(N) >< C. } > 

We can extend this module with another module for providing new coins: 

NewCoins = <{}, {coin/0} , {coin -> 15. coin -> 20. }> 

simply by joining them to obtain 
MoneyChange U NewCoins = 
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< {_=<_/2, _-_/2}, 

{coin/0 , get coin/1 , change/ 1} , 

{ coin -> 1. coin -> 5. coin -> 10. coin -> 15. coin -> 20. 
getcoin(N) -> C <= coin >< C, C =< N >< true, 
change (0) -> [] . 

change(N) -> [C I change (N-C)] <= getcoin(N) >< C. } > 

Union of modules is idempotent, associative, commutative, and there exists a 
null element: the module O =< a 0l (j ,$ >, where a is the empty signature of 
function symbols, representing the module with no rule. 

Proposition 4.5 The union of modules has the following properties: 

1. V U O = V, for every module V . 

2. V U V = V, for every module V . 

3. (?UPi)UP 2 = PU(PiUP 2 ), for all modules V , V\ and V 2 - 

4. Vi U Vi = V 2 U V\, for all modules Pi and V 2 - 
Proof. 

Obvious from the definition of the union of modules. □ 
The second operation is the closure of a module wrt a given signature a. 
This operation makes accessible the signature a in an extensional way (i.e. 
only provable approximations can be used) and hides the rest. To define this 
operation, we need to introduce the notion of canonical rewrite rule. 

Definition 4.6 (Canonical rewrite rule) Given a term f(t), with f G FS% 
and each ti G CTerm^, and r G CTermj^, we define the canonical rewrite 
rule crr(f(t), r) which reduces f(t) to r, as the rule f(t ) — > r <= C , constructed 
by substituting in t each occurrence of a repeated variable X or _L with a fresh 
variable Y and adding in C a joinability statement X X Y for each occurrence 
of a repeated variable X , and a statement X x X for each variable X in r and 
each variable with only one occurrence in t. 

In this way we obtain a program rule (with t linear and each t[ G CTerm) 
from which f(t) — > r can be proved, because for 9j G CSubst^ such that 
9j(Y) = X for each fresh variable Y that substitutes an occurrence of X in t, 
9j{Y) = _L for each fresh variable Y that substitutes an occurrence of _L, and 
Oj{X) = X for all other variables, CQj always can be proved and (f(t ) — > r)6j 
is /(I) - r. 

Example 4.7 The canonical rewrite rule which reduces f(±,b(X,Y),X) to 
a(X, Z) is: 

f(V,b(X,Y),Xl) -> a(X,Z) <= {XI ex X, Y x Y, Z tx Z}, 

and the associated substitution 9j is such that 9j(Xl) = X, 9j{V) = _L ; and 
9j(W) = W for all other variables W. In this case C9j = {X ex X, Y cx Y, Z ex 
Z} and all these joinability statements can be trivially derived from (RR ) and 
(Jo), and therefore /(_L, b(X, Y), X) -> a(X,Z) by the (OR) rule. 
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Now, we can define the closure of a module as follows. 



Definition 4.8 (Closure wrt a signature) Given amoduleV =< a p ,a e ,7Z >, 
its closure V wrt a signature of function symbols a is defined as the module: 

< a ,cr' e ,{crr(f(t),r) | f/n£a, r 6 CTerm ± , r ^ _L, K \~CRWL /(*) -> r} >, 

where 0~ o denotes the empty signature of function symbols, ti £ CTerm^ for 
each component of the tuple t, and o~' e is the corresponding exported signature. 

The closure of a module is a module with a possibly infinite set of rules 
(although the exported signature is always finite) equivalent to the union of 
the graphs in Ai-p of all functions defined in V and contained in a. Note that 
o~' e C a e [~l cr because a function in a e PI a that depends on functions in the 
parameter signature could remain with no definition rule — or with the only 
rule f(t) — > _L — after closing the module. As a syntactic simplification we will 
write V instead of V for each module V =< a p , a e , 1Z >. 

Example 4.9 Let us consider the following module about week days, where two 
functions are defined to get the next day and the day before of a given day. 

WeekDays = < {}, 

{next/1 , before/1} , 

{ next (mo) -> tu. next(tu) -> we. next (we) -> th. 
next(th) -> fr. next(fr) -> sa. next(sa) -> su. 
next(su) -> mo. 

before (X) -> Y <= next(Y) >< X. } > 

The closure of this module wrt its whole exported signature is the module 



WeekDays = < {} 

{next/1 , before/1} , 

{ next (mo) -> tu. next(tu) -> we. next (we) -> th. 
next(th) -> fr. next(fr) -> sa. next(sa) -> su. 
next(su) -> mo. 

before(tu) -> mo. before(we) -> tu. before(th) -> we. 
before(fr) -> th. before(sa) -> fr. before(su) -> sa. 
before(mo) -> su. } > 



Closure wrt a signature is in some way the counterpart of the encapsulation 
operation V in but it is more general because it has a twofold effect: hiding 
all rules in the module and restricting the visible signature, so we need no 
intersection of modules — as is needed in || — to restrict visibility in a closed 
module. Variables and bottom can appear in the rules of a closed module, but 
no functions in the parameter signature. 

Proposition 4.10 Closure of modules has the following properties, where a, 
G\ and <72 are signatures of function symbols, 

1. V = O, for every module V and every signature a such that o~Piexp(V) = 

Co- 
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2. O = 0, for every signature a and the null module O . 

3. =P 'uf , for every module V and signatures o\, 02- 

4- V** 1 = •p <Tin<T2 = -p° 2 f for every module V and signatures o~\, o~2 • 



5. V1UV2 =7*1 UV2 , for modules V\ and V2 defining disjoint signatures 
and such that neither V\ nor V2 use the signature defined in the other 
module. 

Proof. 

Obvious from the definitions of the closure and the union of modules. □ 
Our third operation is the deletion of a signature in a module. 

Definition 4.11 (Deletion of a signature) Given a module V =< er p , <r e , 1Z >, 
the deletion in V of a signature of function symbols a produces the module: 

V\o- =def< o-' p ,cr e \a,TZ\a >, 

where 1Z \ a denotes the set of those rules in 1Z defining function symbols not 
appearing in a, and a' p denotes the corresponding parameter signature. 

We do not give an explicit expression for par{V \ o) in terms of par(V) 
because new parameters can appear and old ones can disappear with the deletion 
of rules in rl(P). However, par(T' \ a) C a p U (er e n cr) is satisfied. 



Example 4.12 In the module OrdNatList of Example J^.i we can delete or 
abstract the signature {isnat/1 , leq/2} to obtain the following parameterized 
module 

0rdNatList\{isnat/l,leq/2} = 
< {isnat/1, leq/2}, 
{insert/2} , 

{ insert (X,[]) -> [X] <= isnat(X) >< true, 

insert (X, [Y I Ys] ) -> [X|[Y|Ys]] <= leq(X,Y) X true, 

insert (X, [Y I Ys] ) -> [Y| insert(X,Ys)] <= leq(X,Y) >< false. } > 

The resulting module is now parameterized by the two symbol functions isnat/1 
and leq/2, whereas only the function insert/2 is exported. 

This operation recalls the undefine clause in the object-oriented language 
Eiffel, and we will use it (combined with the union) to perform inheritance with 
overriding. Note the differences between the deletion of a signature and the 
closure wrt a signature. The former operation removes rules defining function 
symbols in the signature — but not those rules containing invocations in their 
rhs or condition — whereas the latter only hides the definitions of the functions 
in the signature, but maintains their consequences — hiding all other functions. 

Proposition 4.13 The deletion of a signature (of function symbols) in a mod- 
ule has the following properties, where a, <j\ and 02 ore signatures of function 
symbols, 
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1. V\o~ = O, for every module V and every a such that exp(V) C a . 

2. V \ a — V , for every module V and every a such that exp{V) PI a = a a . 

3. (V \ a%) \ (72 —~P \ U o-i) = (V \ o-i) \ o~ x ? for all modules V and <j\, 02- 

4- (Vi ISV2) \ cr = (Vi \ cr) U (V2 \ &), for all modules V\, V2 and signatures 
a. 

5. {'P' 71 ) \o~2 = V cri ^ ff2 ^ ) for all modules V and signatures <J\, 02 • 

6. V =V \ (o~ e \ c); for a module V , with exported signature o~ e , and all a. 
Proof. 

Obvious from the definitions of the deletion, union and closure. □ 
Finally, we introduce a renaming operation that allows us to change function 
symbols with other function symbols of the same arity, in the global signature 
Ej_. Therefore, given a module V and a function symbols renaming p, wc define 
the renaming of V by p as a new module p(V) where rules are conveniently 
renamed. The following definition formalizes this idea. 

Definition 4.14 (Renaming) Given a module V —< a p , er e , 1Z > and a func- 
tion symbol renaming p, V renamed by p is the module 

p{V) = deS < p* (a p ) \ p* (a e ), P *(a e ), p* (K) > , 

where p*(o~) is the signature resulting from applying p to all symbols in a, and 
p*(7t) is the set of rules resulting from applying p to all rules in 1Z. 

The following example illustrates the usefulness of this operation to adequate 
parameter names of a module. 



Example 4.15 In the module DrdNatList\{isnat/l , leq/2} of Example \4.1i 
we can rename the function symbol isnat/1 with the new name isbasetype/1 
to obtain a more appropriate parameterized module 

OrdList = {isnat/1 -> isbasetype/1} (OrdNatList\{isnat/l , leq/2}) , 

where we have denoted the corresponding renaming function p as the set of 
pairs f/n~^ p(f/n) such that f/n^ p(f/n). This module has the following 
appearance 

OrdList = 

<{isbasetype/l , leq/2} , 
{insert/2} , 

{insert(X, [] ) -> [X] <= isbasetype(X) >< true, 

insert (X, [Y I Ys] ) -> [X|[Y|Ys]] <= leq(X.Y) X true, 

insert (X, [Y I Ys] ) -> [Y| insert (X,Ys)] <= leq(X.Y) X false.} > 

Now, the parameters become isbasetype/2 and leq/2. 



19 



We will use this operation to change function names in exportation, im- 
portation and, specially, in instantiation for matching function names in the 
parameter signature of a module with function names in the exported signature 
of another module. See Section 4.2 for some illustrative examples. 

Proposition 4.16 Renaming of modules has the following properties, where p, 
pi and p2 are function symbol renamings, 

1. i{V) = V , for every module V , where l is the identity renaming. 

2. p(0) = O, for every p. 

3. p2(pi('P)) — {p2 ° PijiJ 3 ), for all modules V and all pi, p2- 

4- p(Vi U V2) = pi'Pi) U p(J > 2), for all modules Pi, V2 and all p. 



5. pifP ) = p('P) , for all modules V , signatures a and infective p. 

6. pifP \ a) — p{V) \ p*(o~), for all modules V , signatures a and infective p. 
Proof. 

Obvious from the definitions of deletion, union, closure and renaming. □ 



4.2 Other Modular Constructions in CRWL-programming 

Our notion of module is basically that of a program inside a context made up of 
other programs providing explicit rules for function symbols and implicit decla- 
rations of constructor symbols, all together defining a global signature In 
this section, we will show how the operations that we have defined above can 
be used to model typical module interconnections used in conventional modular 
programming languages. We will introduce new operations with modules for 
these relationships, but all these will be defined as derived expressions from the 
basic set. These expressions will reflect the relationship between the module de- 
noted by the expression and its component modules, and the resulting modules 
will be interpreted as flat modules in all cases. 

The closure of a module M. wrt a signature a gives a form of encapsulation, 
hiding those function symbols in M. that are not in a, and making the function 
symbols in M. and a visible but only in an extensional way, i.e., by the results 
— as partial constructor S-terms — of the function applications to constructor X- 
terms (including variables). Thus, we can provide an export with encapsulation 
operation '□' over modules, in this simple way 

aUM = de f M a . 

The union of modules reflects the behavior of some logic programming sys- 
tems that allow adding new programs — saved in separate files — to the main 
database. With this operation, but modifying one of its arguments, we can ex- 
press different forms of importation and instantiation. We can define an import 
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operation <C between modules as the union of a module M — representing the 
body of the importing module — with the closure of the imported module AT as 
follows 

M <C TV = def MUJJ. 

Module M. <C M imports TV, which means that only the consequences of the 
functions defined in TV arc imported, and not their rules. When exp(AA) D 
exp(Af) = <7 we have a typical importation because functions defined in N are 
only reduced in J\f. We can also express selective importation of a signature 
a from M by combining importation with exportation, in order to restrict the 
visible signature of the imported module: 

M < (ctDTV), with a C exp{M) 



This expression is equivalent to M U Af° by Proposition 4. 10| (^) . Multiple im 



portation or (selective) importation from several modules can be written as 
(. . . (M « (criOA/i)) • • •) « (o-fcOA/it), 

where the importation order is not relevant by Propositions |4.5| (ff,^) and [4.10| (^,5). 
It can be easily proved that this expression is equivalent to the single importa- 
tion 

M < ((<nOA/i) U . . . U KDA4))- 
Importation with renaming can be expressed by an expression of the form 

M < p{aUM) 

with a C exp(M), and an injective function symbol renaming p (see Proposi- 
tion 4.16| (5)). By the properties of renaming this expression is equivalent to 



M < (p* (a)Dp(Af)) 
and can be reduced to M U pfTJ" 7 ). 



Example 4.17 Let us consider the module OrdList in Example J^.lb\ and the 

new module 

OrdNat = 

< o, 

{isnat/1, leq/2, geq/2}, 
{ isnat(zero) -> true. 

isnat (succ (X) ) -> isnat(X). 

leq(zero,zero) -> true. 

leq(zero,succ(X)) -> isnat(X). 

leq(succ (X) , zero) -> false <= isnat(X) >< true. 

leq(succ(X) ,succ(Y)) -> leq(X.Y). 

geq(X.Y) -> leq(Y.X). } > 

where we define the predicate isnat/1 and the two order relationships leq/2 
(less than or equal to) and geq/2 (greater than or equal to). The importation 

OrdList <C {isnat/1 -> isbasetype/1} (OrdNat) 
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is a module with an infinite number of rules for isbasetype/1, leq/2 and 
geq/2 (all possible reductions to true or false), that behaves as calls to isbasetype/1 
and leq/2 are reduced in DrdNat as calls to isnat/1 and leq/2 itself respec- 
tively. 

Thus a typical program A4 with a hierarchical structure in the sense of stan- 
dard modular programming, i.e., importing from several modules A/i, . . . , Af k , 
possibly with renaming, can be built up from a plain program V — its body — 
and the imported modules as 

M = V « (pi(oiClA/i) U . . . U p k (a h {W k )), 

with (7i C exp{N\), ■ ■ ■ , CTfc C exp(J\f k ) and par(V) C (/?*(<7i) U . . . U p* k {o- k )). 
This expression can be reduced to V U pi(A7T l ) U . ..U p k (W k k ). 

Because our basic modules can be parameterized, we can instantiate function 
symbols of the parameterized signature of a module M. with function symbols, 
of the same arity but different name, exported by other module J\f, simply by 
renaming suitably the parameters of M. to fit (a part of) the exported signature 
of M . Thus we obtain an instantiation operation that we denote M. [A/ - , p] and 
define as 

M[Af,p] = def p(M)<LM, 

where p is the function symbol renaming that characterizes the instantiation. 
This operation makes sense when p* (par (M.))C\exp(M) ^ a Q . When par (p(M j) C 
exp(Af) the instantiation is total and is partial in another case. Note that in- 
stantiation can be seen as a special form of importation. The difference between 
a (renamed) importation M <?C p(Af) and an instantiation p(M) <C M is that 
in the former, symbols in the parameter signature of M. refer to actual names in 
the exported signature of the imported module J\f (renamed by p) , whereas in 
the latter, symbols in the parameter signature of M. behave as true parameters 
being replaced (by p) with actual values of the exported signature of M . 



Example 4.18 Let us consider again the module DrdList in Example 4-1^ an d 



the module DrdNat defined in Example 4.11 . The instantiation 



OrdList [OrdNat, {isbasetype/1 -> isnat/1, leq/2 ->geq/2}] 



is equivalent to a module, also with an infinite number of rules, but defining the 
predicates isnat/1 and geq/2 instead of isbasetype/1 and leq/2 respectively. 

Deletion of a signature a in a module removes all rules defining function 
symbols in that signature but maintains the occurrences of these symbols in the 
rhs of the other rules. This operation can be used to abstract a signature a 
from a module M. in the following way 

M[a] = def M\a. 
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This abstraction operation makes sense when a C exp(M) and each function 
symbol in a appears in some rule of rl(M \cr). This operation is very use- 
ful for making generic modules from concrete ones but unfortunately it is not 
implemented in conventional modular programming systems. As an example 



of the use of this operation we refer to Example 4.12. Also, with the deletion 
operation, we can model a sort of inheritance relationship between modules. 
Inheritance with overriding may be captured by means of union and deletion of 
a signature in the following way 

M isaM = def MU(Af\ exp(M)). 

Module M. isaAf inherits all functions in Af — with their rules — not defined 
in Ai and uses the rules of Ai for all functions defined in Ai, overriding the 
definition rules in A/", for common functions. In this case, overriding is carried 
out by deleting the common signature of the inherited module before adding it 
to the derived module. 

Example 4.19 Let us consider a module defining some operations on polygonal 
lines and parameterized wrt an addition operation _+_/2, a predicate ispoint/1 
to test if something is a point, and operations distance/2 and translatepoint/2 
for computing the distance between points and the point resulting of applying a 
translation, given by a vector (its second argument), to another point (its first 
argument). 

Polygonal = 

<{_+_/2, ispoint/1, distance/2, translatepoint/2 }, 
{perimeter/1, translate/2 }, 

{perimeter ( [PI] ) -> zero <= ispoint(Pl) >< true, 

perimeter ( [PI I [P2 1 Ps] ] ) -> distance (PI , P2) +perimeter ( [P2 IPs]), 
translate ( [PI] ,V) -> [translatepoint (PI , V)] . 

translate ([PI I [P2 IPs]] ,V) -> [translatepoint (PI ,V) I translate ( [P2 1 Ps] ,V)] . } > 

(where we suppose that distance/2 and translatepoint/2 check that their 
arguments are points). Let us also consider another module defining some oper- 
ations on squares and also parameterized wrt a multiplication operation _*_/2, 
and the above operations ispoint/1 and distance/2. 

Square = 

< {_*_/2, ispoint/1, distance/2}, 

{issquare/1, side/1, perimeter/1, surface/1}, 

{issquare( [P1,P2,P3,P4] ) -> true <= distance(Pl ,P2) >< distance (P2, P3) , 

distance(P2,P3) >< distance (P3 ,P4) , 
distance(Pl,P2) >< distance (P3 ,P4) . 

side([Pl,P2,P3,P4]) -> distance(Pl ,P2) <= issquare( [PI ,P2,P3 ,P4] ) >< true. 

perimeter (C) -> 4*side(C) <= issquare(C) >< true. 

surface (C) -> side (C) *side (C) <= issquare(C) >< true.} >. 

With these modules we could define a new module SquarePolygone making mod- 
ule Square inherit from Polygonal, 

SquarePolygone = Square isa Polygonal. 



The resulting module would be 
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SquarePolygone = 

< {_+_/2, _*_/2, ispoint/1, distance/2, translatepoint/2} , 
{issquare/1, side/1, perimeter/1, surface/1, translate/2}, 
{issquare( [P1,P2,P3,P4] ) -> true <= distance(Pl ,P2) >< distance (P2, P3) , 

distance(P2,P3) >< distance (P3 ,P4) , 
distance (PI, P2) >< distance (P3, P4) . 
side([Pl,P2,P3,P4]) -> distance(Pl ,P2) <= issquare( [P1,P2,P3,P4] ) >< true, 
perimeter (C) -> 4*side(C) <= issquare(C) >< true, 

surface (C) -> side (C) *side (C) <= issquare(C) >< true, 
translate ( [PI] ,V) -> [translatepoint (PI , V)] . 

translate ([PI I [P2 IPs]] ,V) -> [translatepoint (PI ,V) I translate ( [P2 I Ps] ,V)] . } >. 

Note that perimeter/1, defined in the module Polygonal, has been redefined 
with the version of the module Square. The function translate/2 has been 
inherited from Polygonal. 

5 A Compositional Semantics 

A module is basically a program because its interface can be extracted from its 
set of rules when we know the data constructor symbols, and operations defined 
on modules are operations on their sets of rules, i.e., operations on programs. 
The difference between a program and a program module is that a module can 
be thought of as a program piece that can be assembled with other pieces to 
build larger programs (this is one of the main reasons of making explicit their 
interfaces). 

With this idea in mind, the model-theoretic semantics defined for CRWL- 
programs is not suitable for program modules because it is not compositional 
wrt the operations defined over modules as we can see in the following example. 

Example 5.1 Let £ be a signature ({a/0, 6/0, c/0}, {p/1, r/1}), and modules 
V\ and V2 with the following sets of rules: 

rl(Pi) = {p(a) c} rl(T 2 ) = {p(a) -» c, r(b) c <= p(b) c*a c}. 

These modules have the same model-theoretic semantics, M.-p\ = ■M-p 2 > which 
is the CRWL-algebra A with functions p A and r A such that 

p A (a) = {c, !_}, p A (b) = p A (c) = p A {L) = {_!_}, p A (X) = {_!_}, VIeV 
r A (a) = {_L}, r A (b) = r A (c) = r A (L) = {_L}, r A (X) = {_L}, VX £ V. 

However, their unions with Q, such that rl(Q) = {p(b) — > c}, have different 
model-theoretic semantics. The intended model ofViUQ has a function r Mv i ua 
such that r- M ^i u e(6) = whereas r M ^Q(b) = {c,_L}. So, M Vl uQ ^ 

Mv 2 uq- 

The compositionality of the semantics of a programming language is partic- 
ularly relevant when modularity is involved. In fact, one of the most critical 
aspects in modular systems is the possibility of making a separate compila- 
tion of modules, and this can only be made in the presence of some kind of 
compositionality. 
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5.1 Compositionality and Full Abstraction 



In order to study the compositionality and full abstraction of a semantics, we 
have to clearly set out these notions. We will adopt the approach proposed 
in [Q, where compositionality and full abstraction are defined in terms of the 
equivalence relation between programs induced by the semantics. 

Definition 5.2 (Compositional relation) Given an equivalence relation = 
defined between programs, an observation function Ob defined for programs, and 
a set Oper of operations with programs, we say that 

1. = preserves Ob iff for all programs V and Q, V = Q =>• Ob(fP) = Ob(Q); 

2. = is a congruence wrt Oper iff for all programs V% and Qi and all O G 



Oper, Vi = Qi, for i = 1, . . . ,n, implies 0(Vi, . . . ,V n ) = 0(Qi, ■ ■ • , Qn); 



3. — is compositional wrt (Ob, Oper) iff it is a congruence wrt Oper and 
preserves Ob. 

To set the notion of full abstraction for an equivalence relation, we need some 
way of distinguishing programs and for that reason we introduce the notion of 
context. Given a set of operations on programs Oper, and a metavariable X, we 
define contexts CffA'J inductively as follows: X and each program is a context, 
also for each operation O 6 Oper with n program arguments and C\ , . . . , C„ 
contexts, 0(C\, . . . , C n ) is a context. Two programs V and Q are distinguishable 



under (Ob, Oper) if there exists a context CJA"]] such that CJPfl and C[Q] 



have different external behavior, i.e. Ob(C\Vf) ^ Ob(C[[QJ). When V and Q 
are indistinguishable under (Ob, Oper) we will write V =ob,Oper Q, i.e. for all 
contexts C, Ob(C\Tl) = Ob(C\Q\). 

Definition 5.3 (Fully abstract relation) An equivalence relation = is fully 
abstract wrt (Ob, Oper) iff for all programs V and Q, V =ob,Oper Q V = Q. 

A semantics S for a programming language provides a meaning for programs 
and also induces an equivalence relation =5 between programs: two programs 
are equivalent iff they have the same meaning in this semantics. This equivalence 
relation is used for defining compositionality and full abstraction for semantics. 

Definition 5.4 (Compositional and fully abstract semantics) A seman- 
tics S is compositional or fully abstract wrt (Ob, Oper) iff its corresponding 
relation =5 is compositional or fully abstract, respectively, wrt (Ob, Oper). 

Obviously, for each pair (Ob, Oper) there exits a compositional and fully 
abstract relation between programs, the relation 



V = { ob,Oper) Q ^def Ob(C[[V}}) = Ob(C[[Q]\), for every context C^X]]. 



For each compositional equivalence relation =, it is easy to see that V = Q => 
V =(ob,Oper) 2j an d for each fully abstract equivalence relation =, V =(ob.Oper) 
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Q => V = Q. Thus, =(ob.Oper) will be the only equivalence relation which is 
both compositional and fully abstract wrt (Ob, Oyer). And the more adequate 
semantics for programs (wrt (Ob, Oper)) will be a semantics that induces this 
relation. 

5.2 The T-Semantics 

To find a compositional semantics we may think about programs as open in the 
sense that we can build up programs from other programs adding rules for new 
functions and also for already defined functions (of the signature £ we were 
in) and imagine them as algebra transformers as is done in @ and §. The 
operator Tp considered as a function TAlg s — > TAlg s is a good candidate 
for the intended meaning of a program V . First, we have to note that the set 
[TAlg s — > TAlg s ] of all continuous functions from TAlg s to TAlg s , ordered 
by the relation 

Ti C T 2 ^ def VA e TAlg s • (T X (A) C T 2 (A)), 

with the least upper bound and the greatest lower bound of a finite set 
of functions pointwise defined as 

(u ieI T i )(A) = \J ieI (T i (A)) and (n zeI T)(A) = n zeI (T(A)) 

respectively, and with bottom Tj_ and top Ts such that 

T ± (A) = ±v and T S {A) = T S , V.4 £ TAlg s , 

is a complete lattice as a consequence of (TAlg s , C) being a complete lattice. 
Now, we can associate a program with the corresponding immediate consequence 
operator, instead of its least fixpoint. 

Definition 5.5 (T-semantics) We define the T -semantics by denoting the 
meaning of a program V by its algebra transformer {[ V \ T =def Tp, where 
T-p is intended as T r i(j?j . 

This semantics entails the following equivalence relation on programs: V =t 
Q -i^def T-p = Tq. Thus, two programs are =r-equivalent if both define the 
same immediate consequences operator. In this context, and coinciding with 
logic programming, a natural choice of the observable behavior of a program 
1Z is its model-theoretic semantics. So we will adopt as observation func- 
tion Ob(lZ) =def M-tz- Notice that M.-R captures the graphs of all functions 
defined in 71, whereas functions not included in the program are considered 
totally undefined (their images only can be reduced to _L). The semantics 
{[ • ]} T is compositional wrt this observation function and the set of operations 

Oper = {U, (•) , (-)\cr, /?(•)}. We can prove this fact by proving that {[ • } T is 
homomorphic in the following sense. 
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Theorem 5.6 Given a global signature E and a countable set of variable sym- 
bols V , for all programs V , V\ and V 2 defined over S, every subsignature of 
function symbols a C FSx, and every function symbol renaming p, we have the 
following results 

(a) ir 1 ur 2 } T - { V 1 } T U{ V 2 } T ; 

(c) lV\v} T = lPt T nT eip(P)v ; 

(d) ip{V)} T = T,- 10 {[P]} T oT p ; 

where, for every algebra A G TAlg s and every subsignature a C FSj;, A\ a is 
the term algebra characterized by 

f AU (t) = for all ti, . . . ,t n G CTerm ± , if f/n G a, 

f A \<*(t) = {±}, for all t\, . . . ,t n G CTermj_, otherwise. 

For each subsignature a C FSs, T a is the constant algebra transformer that, 
for all A G TAlg s produces the same term algebra T a characterized by 

f T " (i) = CTerm_L, for all h,..., t n G CTerm ± , if f/n G a, 



f T "{t) = {_L}, for all t!,...,t n G CTermj_, oth 



erwise. 



And, for each rename p, T p and T p -i are the algebra transformers defined by 
T p (A) = A p and T p -i(A) = A p -i where A p and A p -i are the term algebras 
characterized by 

f A " = o(f) A and f A p- % = { U ^ gA ' ? = P< - 5 ^' wheU tkis S6t is n0t empt y' 
■' Pyj ' J \ f ±s otherwise, 

for every function symbol f in FSz . 

Proof. 

(a) For the first result we have to prove that T-p lU v 2 (A) = T-p 1 (A) U T-p 2 (A), 
for all A G TAlg s . For each / G FS%, with n > 0, and ti, . . . , t n G CTerm ± , 
jT VlUV . 2 (A)^ = jT Vl (A)(fj j fT V2 (A) because every rule in Ti U V 2 with an 
instance that can be used in the construction of f T viuv 2 (A) (r^ is also a rule 
in V\ or V 2 , and the same instance can be used to construct f rv ^ A ^(t) or 
f r -p 2 {A) ^ respectively, because the applicability of this instance only depends 
on its arguments and the term algebra A. Reciprocally, every rule in V\ or 
V2 with an instance applicable to construct f T ' Pl ^(t) or f Tv ^ A ^(t) is a rule 
in V\ U V 2 with the same instance applicable to construct / Tp i up 2 f- 4 ) (t) for 
the same reason. Finally, by definition of the operation U between term alge- 
bras, f^i ^ (t)Uf T ^ W (t) = f T -Pi W^ r v 2 {A) and therefore fv^v 2 {A) ^ = 

j-T Tl (A)UT-p 2 (A) 

(6) In order to prove the second result, as 7p (J_s) = Mv, we only have 
to prove 1^°{A) = Mv\a for all A G TAlg s . For / G FS£ and ti,...,t n G 
CTermi, if / jn £ a then there is no rule for / in V° and f T v'( A )(t) = {_L} = 
f M -p\°, and if f/n G cr then wc will prove that f T -'^(t) = f Mv (t). For 
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t G j T v a i A ){t) there exists crr(f(s), r) — f(s') — » r <= C in P and a substitution 
such that t G = (7-0) with s'0 C i and A \=id CO, what means that 9 

is totally defined in variables of s and r. By the special joinability statement 
of C we can obtain a total substitution 9' (by considering only the part of 9 
involving the variables of s and r) such that W' C s'# C i and r6>' = r#. Since 



^ I^c/jwl /(s) — > r, r G f Mv (s), and as .M-p is consistent (see Section |6.2| ), 
rO' G f Mv {-s9') and by the monotonicity of r(9 G /^^t) and so, i G 

f Mv (t). Reciprocally, i G f Mv (t) implies 7> h /(f) -» i or crr(f(t),r) G 7> and, 
by considering we have ]]^ = (i) C f Tz p"^(t) for every term algebra .4. 
and so, t G f 7 ^" ^ (t) 

(c) For this result we have to prove that T-p\ a (A) = Tv(A) n T ea; p(-p)\ CT (.4), 
for all .A G TAlg s , and this is equivalent to f r -p\«( A ) = f 7 ^^, for all jf/n G 
exp(V) \ a, and /-^V^) (t) = {_L}, for all //n G er. The first equality is easily 
proved by taking into account that V and V \ a have the same rules for each 
f /n G exp(V) and remembering that the applicability of every instance of these 
rules to construct /^W^) (i) and f^^it) only depends on its arguments and 
the term algebra ^4. The second equality is trivial because there is no rule in 
V\a for //n G cr. 

(d) For the last result we have to prove that T p (-p)(A) = T p -i(Tp(T p (A))) 
for all A G TAlg s . On the one hand f^m^l (£) is constructed from all 
rules g(s) — > r <= C in V, with p(g) = /, such that, for any 9 G CSubst^, 
{p(si))9 C tj, for i = 1, . ,.,n, and .A (=j<j (p(C))9, by considering the union of 
the corresponding cones [[ (p(r))9 ]]^. On the other hand, J^- 1 ' 7 ^ 7 ^- 4 )))^) is 
/V 1 ^^))^) and by the definition of T p -i this is equal to {U{g r ^ A ^ \ p(g) = 
f})(t) which is the union of the cones g 7 ^^^ (t), and each cone is constructed 
from all rules g(s) — ► r <= C in V such that, for any 9 G CSubst^, Si& C ti, 
for i = 1, . . . , n, and A p |=j<j C#, by considering the union of the corresponding 
cones [[ r9 ]]^ p . But, as the function renaming p does not affect constructor terms 



or variables we have (p(sj))0 — SiO; from Proposition |2.2|(_?), (p(C))9 — p{C9); 
and from Proposition |2^(3), A \=u (p(C9)) ^ A p (=,d CO. So, the same 
rules of V are used to construct f T i>(-P)( A ) (£) and /V 1 ( r v( T M))) (I), and from 
Proposition [2^(^,2), we conclude that both cones coincide. □ 
Thus, the meaning of the union of two programs (a) can be extracted from 
the meaning of each one, the meaning of the closure of a program (6) is ob- 
tained from the fixpoint of the program semantics, and deleting a signature 
from a program (c) is semantically equivalent to the intersection of the program 
semantics with an algebra transformer which depends on the exported signature 
of the program. Nevertheless, the intersection we are mentioning here is not an 
operation over programs (as in ||) but an operation on algebra transformers. 
The meaning of a renamed program (d) can be obtained as the composition of 
the meaning of the program with two algebra transformers associated with the 
renaming and its reverse. 

Corollary 5.7 (Compositionality of {[ • ]} T ) The semantics^ ■ ]} T is compo- 
sitional with respect to (Ob, {U, (•) , (-)\cr, p(-)}). 
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Proof. 

The notion of observable, which coincides with the least fixpoint of the seman- 
tics, is obviously preserved by this semantics. On the other hand, the congruence 
property is directly derived from the previous theorem. We only need to justify 
that{ V } T n T e2 , p( p)\ (T ={[ Q } T n T exp ( Q )\ CT , for every subsignature a C FS S , 
when{[ V \ T —\ Q ]} T , independently on whether exp(V) is equal to exp(Q) or 
not. In fact, if f/n G exp(V)\cr and f/n exp(Q)\a then //n exp(Q), which 
implies f T ^ A) (t) = {JL}, for all ii , . . . , i„ G CTerm ± and f T ^ A \t) = {1} be- 
cause T-p = Tq. The same result is obtained if we suppose f/n$ exp(V) \ a 
and //n G exp(Q) \ o\ Therefore, /(^'WtovX- 4 )^) = f(T a nr txpla) ^)(A)^ t 
□ 

As the above corollary states, {[ • ]} T is compositional wrt union, closure, 
deletion and renaming, when the canonic model of a program is taken as its 
observable behavior. However, the following example shows that it is not fully 
abstract. 

Example 5.8 Let E be a signature ({c/0, d/0}, {//0}) and let V and Q be the 
modules such that rl(V) = {/ — * c, / — > d} and rl(Q) = {/ — ► c, / — > d •<= 
/ [xi c}. T/iey are indistinguishable under {U, (•) , (-)\cr, /?(•)}; ^ e 2/ are 
=t -equivalent. In fact, 7p(J_s) 7^ ^q(J-e) because f 7 ^^^ = {c, d, _!_} whereas 

/T C (± S ) = {C)±} . 

The T-semantics distinguishes more than the model-theoretic semantics, 
since the immediate consequence operator captures what is happening in each 
reduction step, but the non-full abstraction result means that this semantics 
distinguishes more than necessary It is too fine. In the next section we will try 
a coarser semantics — also studied in logic programming Q — defined from the 
sets of pre-fixpoints of T. 



6 A Fully Abstract Semantics 

In this section, a fully abstract semantics is presented, which is also composi- 
tional except for the deletion operation. For a better motivation, we will not 
introduce this semantics directly. Instead, we will define a first approximation, 



the so-called term model semantics (Definition 3.1 ), which only is compositional 



(wrt the union, closure and renaming operations), and then we will obtain the 



full abstraction property by restricting the term models (Definition 6.1C ) 



6.1 The Term Model Semantics 

Formally, we will introduce the first semantics by directly considering the cor- 
responding equivalence relation. 

Definition 6.1 (Model equivalence) Two programs V and Q are model- equivalent 
iff their algebra transformers have the same pre-fixpoints 

V = M Q^>~iAe TAlg E • (T V (A) T Q (A) C A). 
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By Lemma 3.4 this means that two programs are equivalent iff they have the 
same term models. 



This equivalence relation corresponds to the following semantics: 

{ V } M =def {M I M is a term model of V} 

which will be called loose model-theoretic semantics, or simply term model 
semantics. In order to derive the corresponding result about compositionality, 
we need an auxiliary property about T p and T p -i . 

Lemma 6.2 Given two term algebras A,B G TAlg s , for every function symbol 
renaming p, 

A p -i E B <=> AQ B p or, equivalently, T p -i(A) Q B A Q T p (B) . 
Proof. 

Let A and B be two term algebras such that A p -i E B. Then, for all function 
symbols /, f Ap ~ 1 (t) C f B (t), for t\, . . . ,t n g CTerm^. This is equivalent to 
LKff (*) I / — Pid)} E f B (t)- Thus, for all function symbols g, by considering 
their images p(g) — f, we obtain g (t) C p(g) B (t) = g p (t) or, equivalently, □ 
£? p . The implication in the other way is obtained by reversing this reasoning. □ 
This lemma claims that T p -i is, essentially, the reverse operator for T p . 

Theorem 6.3 (Compositionality of {[ • ]} M ) For all programs V, Q,Vi, Qi, 

1. V = M Q implies Ob{V) = Ob(Q). 

2. Vi =u Qi fori = 1,2, implies Vi U V 2 =m Qi U Q 2 . 

3. V =m Q implies V =m Q , for every signature a. 

4- V =m Q implies p(V) =m p{Q), f or every function symbol renaming p. 
Therefore, the semantics {[ • ]} M is compositional wrt (Ob, {U, (•) ,p(-)}). 
Proof. 

1. If V =m Q then V and Q have the same set of term models and, in particular, 
they have the same least term model. So Ob(V) = Ob(Q). 

2. Le t A be a term model of V\ U V2, then 7j> lU -p 2 (A) C A and, by The- 
orem |J(a), T Vl (A) UTpJA) = {T Vl UTp 2 )(A) = T VlUT > 2 (A) C A, therefore 
2p 4 (-A) E A for i = 1,2. From = M Q 4 , we obtain T Qi {A) E A for i = 1,2, 
and again by Theorem |J(a) r QlUQ2 (^) = (T Qi UTq 2 )(A) = T Ql [A)UTq 2 (A) E 
^4, and ^4 will be a term model of Qi U Q2- By reasoning in a similar way, it can 
be obtained that all term models of Qi U Q2 are also term models of V\ U V2 
and this proves that V\ U P2 =M Qi U 62- 

3. To prove the third statement we only need to take into account that, by 
the first statement, V =m Q implies Mv — Mq and therefore M.v\a — A^g| CT , 
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for all a C FS-£. And, by Theorem |j](b), this implies %p<* — Tq" ■ Therefore, 
they will have the same pre-fixpoints and consequently V" =m 0° • 

4- Finally, for each term model A of p(V), Tp£p) {A) C A or (Tp(A p )) p -i C 
A, by Theorem |5.6| (d). From this, by Lemma |6.2| , we obtain T-p{A p ) C A p . 
Thus, if V =m Q we have Tq(A p ) C A p , and again, by applying Lemma |6.2| 



and Theorem 5.6(d), we derive T p ^Q){A) Q A. So A is a term model of p(Q). 
By reasoning in a similar way, it can be proved that all term models of p(Q) 
are also term models of p(P) which proves that p(P) =m p{Q)- O 
Unfortunately, this semantics is not compositional wrt deletion. 

Example 6.4 Let S be the signature ({a/0, 6/0}, {//0, g/0}) and let V and Q 
be two modules with rules rl(V) = {/ — ► a, g — » b} and rl(Q) = {/ — » a, g — > 
6 <^= / ixi a}. 5o</i modules have the same term models, those term algebras A 
with a € /"^ and b £ g A . But by deleting //0 in each module we have V \ {//0} 
and Q\{f/0} withrl(V\{f/0}) = {g -> 6} and rl(Q\ {//0}) = {5 -f 6 -4= / tx 
a}, and now _!_£ is a model o/Q\{//0} whereas it is not a model ofV\{f/0}. 

For a different reason, the semantics {[ • ]} M is not fully abstract. 

Example 6.5 Let S be the signature ({a/0}, {//0, g/1}) and let V and Q be 
two modules with rules rl(V) = {/ — > a <= g(a) IX a} and rl(Q) = {f a <= 
g(X) ix] a}, where the rule in V is an instance of the rule in Q. Obviously, both 
modules are indistinguishable but they do not have the same term models. Ln 
fact, if we consider the algebra A such that: f A = {-L}, g^(X) = {a, _L} and 
g' A {a) = {J-}, A is a model ofV but it is not a model of Q. 



6.2 Consistent Term Algebras 

To prove the full abstraction property we need to consider a different equivalence 
relation (i.e. semantics). If we observe the above counter-example, we can 
see that, for the term algebra A used to distinguish {[ V \ M from {[ Q } M , 
g A (X) = {a, _L} and g A (a) — {J-}; that is, A is such that the instantiation 
of the variable X derives in a loss of information for the interpretation of g 
because g A (X9) is smaller than ( g- A (X ))9, for 9 = {X/a}. In general, the 
notion of term algebra (see Section |2.3| ) does not impose any relation between 
g A (t9) and [g A (t))9. This is not reasonable if we take into account the role 
of term algebras when they are used to model programs. On the contrary, the 
interpretation of a function symbol (in a term algebra) applied to arguments 
with variables must be related to the interpretation of the same function symbol 
when these variables are instantiated. With this idea in mind, we introduce the 
notion of consistency in a term algebra. 

Definition 6.6 (Consistency of term algebras) A term algebra A G TAlgj 
is consistent iff for every f 6 FS£ and ti E CTerm^ (i = 1, . . . , n), f A {t9) D 
(f A {t))0 for all 9 e CSubst, where (f A (t))9 stands for the set {u9 \ u £ f A (t)}. 

We will denote by CTAlg s the family of all consistent term algebras. Note that 
consistency is only required for total substitutions (i.e. substitutions which do 



31 



not include partial constructor terms). This is due to the special treatment of _L, 
which is considered as lack of information. The notion of consistency here intro- 
duced is close to that of closure under substitutions defined for interpretations 
in H , and is also related with the notion of C-interpretation considered in jllj , 
but our requirements are weaker than those ones. To justify the reasonable na- 
ture of consistent term algebras we will prove several desirable properties. For 
instance, the immediate consequences operator maps consistent algebras into 
consistent algebras, and the canonical model of a program is consistent. 



Lemma 6.7 For every A 6 CTAlg s , r G Termi, and 9 E CSubst, 



c 



Proof. 

The proof is by induction on the structure of r. There are several base cases: 
r G {_L} U DS%, reV, or re FS*°. In the first case, [[r]]f d = [[r9]}f d and these 
cones have no terms with variables. In the second case, = {9(r),±}, 

and this is a subset of|r#]] id . In the third case, [r]] id # C [r0]] irf because 
r9 = r and r A 9 C r A for A consistent. In the general case, r = h(e), with 
h G DS% U FSg, ei e Term ± (i = l,...,n), and n > 0. Then, [[/i(e)6>]]^ = 
lKeO)\td = U Ul e[[ ei e]]^ h A (u). Assuming [[e,]}f d 9 C [[ ei 9}}f d (i = 1, . . . , n), as 
the induction hypothesis, we obtain U Ui e[[ ei e flr 4 - h A {u) D {J u . £ [[ e .^ d g h A (u) = 
Uu e[[ e ;]•* h A (v9). Since A is consistent, h A (v9) D h A (v)9, and therefore 
Uvtewl^W) 3 \J VieM t d ^{v)0 = ({J Vieleil Ah A (v))6 = [[h{e)]]f d 9. 
So, lh(eje}f d Dlh(enf d O- □ 
Proposition 6.8 Given aprogramV, if A G CTAlg s , thenT v {A) £ CTAlg s . 
Proof. 

Let / e FS% and t 1} . . . ,t n G CTerm ± . Hue .f Tp{A) (t) then there exists 
a rule /(s) — > r -<= C in [P]± such that S{ C U (i — A \=id C, 

and u e lr}f d . For 9 e CSubst, u9 e lr]}f d 9 C [[r6»]]^ by Lemma [p, and 
A \=id C9 because, if a txs b e C then there exists t £ [[a]],^ H with 
i G CTerm, and [o0]^ 2 la]]f d 9 and [60]^ D [[6]]^6> again by Lemma ^ 
so ^ G n [[fe]]^6», and t9 G CTerm because 6 CSubst. Thus, we 

can consider the rule /(s0) — > r# <= C6*, which is also in [Pjj., with Si# C ij# 
(i = 1, . . . , n), to derive that u0 G / Tp( - 4) (i6»). □ 

Proposition 6.9 Given a program V , the canonical term model M-p is consis- 
tent. 

Proof. 

Clearly, ± s is consistent. Thus, by Proposition |6j| 7^ l (± s ) G CTAlg E , 
for all n > 0, and then 7^(_L S ) G CTAlg s since for every f/n G FSs, 

cr^)(i))0 = (u n>0 r^-mw - u„> {f T ^^Kt))o c u„> / r - (±s) ^) 

f T v^){t9). □ 
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6.3 The Consistent Term Model Semantics 

Now, wc may define an equivalence relation based only on consistent term mod- 
els. 

Definition 6.10 (Consistent model equivalence) For programs V and Q, 
we define the consistent model equivalence as 

V =cm Q ^def Wt e CTAlg s ■ (T V (A) QA^T Q (A)QA). 

This equivalence is clearly weaker than the model equivalence and corre- 
sponds to the following semantics 

{] V ~\ CM = {M. | M is a consistent term model of V} 

which will be called loose consistent model-theoretic semantics, or simply con- 
sistent term model semantics. Obviously, {[ V \ CM ]W H CTAlg s , and 
the compositionality property of this semantics may be obtained in a similar 
way as the compositionality of the term model semantics. 

Theorem 6.11 (Compositionality of \ ■ \ CM ) For all programs V , Q, Vi, Qi, 
1- V =cm Q implies Ob(V) = Ob(Q). 

2. Vi =cm Qifori = l, 2, implies Vi U T 2 =CM Qi U Q 2 . 

3. V =cm Q implies V" =cm 0° , for every signature a. 

4- V =cm Q implies p(V) =cm p{Q), for every function symbol renaming 
P- 

Therefore, the semantics {[ • \ CM is compositional wrt (Ob, {U, (•) ,/?(•)})■ 
Proof. 

We can repeat the proof of Theorem 6.3 but considering pre-fixpoints in CTAlg s 
and taking i nto account that the least model of a program is consistent. □ 
Example 6.4 also illustrates the non-compositionality of {[ • ]} CM wrt the 
deletion operation because the programs V and Q only define functions without 
arguments. However, this semantics is fully abstract; to prove this fact, we need 
an auxiliary result, showing how a (minimal) program V can be constructed 
from a consistent term algebra A and an element t G U?"]]^ such that A is a 
model of V and t € [[r H^ 73 . Proposition 3.13 formalizes this idea. In order to 
simplify the proof of this result, we will prove some properties about the notion 
of canonical rewrite rule already introduced in Definition |4. 



Lemma 6.12 For each canonical rewrite rule crr(e,r), T^ crr ^ e r ^y is constant 
and if e = f(t) then, for every term algebra A, 



h T {crr{c , r)} (A) (-) = [ U, )e CSubst {[[ r v}}f d \tV^s}U{±} ifh = f, 
\ {J-} otherwise 
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Proof. 

In fact, when we apply 7{ crr ( e . r )} to a term algebra A only the interpretation of 
/ is affected. It is obvious that / r {<=™-(e,r)}(-A) contains Urjecsubsti I r7 ? lid I — 
s}. On the other hand, if u G f r {^r^,r)}(-A) ^ then there exists an instantia- 
tion f{t'rj') — > rry' <*= Cry' of the rule crr(e,r), with 77' G CSubstj_, such that 
*V E s, -4 |=id CV and u € [[?V]]id- The definition of C forces 7/ to be total 
for all variables of crr(e,r) that do not replace occurrences of _L in t. Now, we 
can define the total substitution 77 G CSubst as Xr\ — X'rj for each variable 
X such that X = X'8j, for a ny variable X' and 6j being the substitution con- 
sidered in the Definition 4.6, and Yrj = Y for all other variables Y. Note that 
the definition of r\ is correct because if X\dj = X^Qj then X\rf = X2T)' since 
X\ x X 2 G C and A \=id Crf . Moreover rr\ — r'rj' and tr\ C 1 77', and so try C s 
and u G [[r^]]^. As [[7-77]]^ has the same value for all algebras A G TAlg ± , 
T{crr(e,r)} will be constant. □ 

Proposition 6.13 Let A G CTAlg s be a consistent term algebra, and r G 

Term^ . Then, for every t G [[ r L d , a program lZ t exists such that t 6[rL TC( and 7^ (A C 

A Moreover, Tji t is constant. 

Proof. 

We will proceed by induction on the structure of r. We can distinguish two 
base cases: r G V U U and r G FS%. In the first case, \r\f d = 

(r) = [[r]| id TCt , for every program in particular for lZ t = 0, and T® is 
constant with 7®(A) = i_s C A. In t he se cond case, if r = / and _L ^ t G / 
let be ft t = {crr(/,t)}, by Lemma 16.121(g), 7^ is constant and f T ^M) = 

U^ecsubsttt^]]^ = Uyecsubst ( i7 ?> ( since / has 110 arguments,). Obviously 
t G f T ^M) and i G jfW-Ls) C /^J^ = = [[r]]^ Kt . Since „4 is 

consistent, £77 G /^Ty C (frj) A — f A for all 77 G CSubst and / TR t(- /l ) c J- 4 , and 
as the rest of function symbols are non-defined in T-ji t (A) , we obtain Tn t (A) C 
A 

In the general case, r = ft(e) with ft, G FSQ U -D^g and e, G Termi (i = 
1, . . . , n). As t G [ ft(e) implies that there exist Uj G [[ ej ]\ id (i = 1, . . . , n) such 
that i G /^(v), by applying the induction hypothesis to each pair Vi, e^, we 

have programs IZt such that Vi G [[ei]] id TCi with 7^ constant and T-r^A) C A 
Now. 

1. If ft G DSg let be fti = UILi^- As n i E we have A4 TCl E X Kt 



and, by Lemma [O], [[ei]]^ TCl C [[e^]^* what implies G [[ei]]^ TCt 
(i = l,...,n) and ^ (v) C M . c ^M«) = [[Me)]]^ Kf = 



but i G h A (v) = h M ^t[v), since ft(tT) G CTermi, and so t G 
f . On the other hand, by Theorem|[| (a), T Ut (A) = |J" =1 7^ 4 (A) E 



„4 and Ttjj is constant. 

2. If ft G FS*£ let be K t = (ULi^) u {crr{h{v), t)}. If crr(h(v),t) 
h(v') — ► t C; then, for the substitution 0^ (see Definition |4.6|), tJ = v' 
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and CO- only contains joinability statements X ixi X, which are en- 
tailed by every term algebra, sote h T i° rr ( h (^^> ( -- Ls \v) C hF^t ( x s) (^) c 

As [[e,]]^ C[[e,]]^, „ 4 G [[e^ (i = l,...,n) and 
fc***.(5) C IKe)]]^ = irp*\ and therefore * G As, by 

Theore m |5~6| (a), 7^ t = (ULi^n.) U % rr (h(v),t), 1~K t is constant. By 
Lemma |6.12| (g), 

ftW , t)} (.4) N = (J { ^ | E _ } y 

?7eCSubst 

t»j G h A (vrf) for every 77 G CSubst ± and .4 G CTAlg ± , and h A (vrj) C 
^•^(w) when vi) Ciby the monotonicity of /i" 4 , therefore /i 7 ^ <="•(»-, <o> (-4) (yj) c 
^•^(w); moreover, for every function symbol g ^ h, g^"^^.*)}^ (w) — 
{_!_} C h A (w). Therefore 7/ crr / r) m (.4) E A As by the induction hypoth- 
esis T Ui (A) Q A (i = 1, . . . ,n), it results T n (A) C A 

□ 

Now, we can obtain the full abstraction property for {[ • ]} C . M . 

Theorem 6.14 (Full abstraction of {[ • ]} CM ) TTie semantics {[ • ]} CM is fully 
abstract wrt {Ob, {U,Q CT , (-)\(r, /?(•)}) 

Proof. 

We will prove that programs "P and Q such that 7> ^cm Q ar e always distin- 
guishable, so non-distinguishability of programs has to imply semantics equiv- 
alence. If V ^cm Q we can assume, without loss of generality, that there 
exists A G CTAlg s such that T-p(A) C A and Tq(A) % A, what means that 
there exist / G FS% and U G CTerm ± (i = 1 . . . n) such that t G /^(^ (?) and 
f £ /^(i). By the definition of T a (A), we have f(s) -> r C G [Q]_l such that 
sCi, |=jd C, and < G [fly K C = { a j 1x1 j}j=i then there exists a maximal 
lj G [[ Oj ]]^ n [[ 6j J jd , for j = 1, . . . , m, and we may consider the programs IZt 
for * S [[r]]^, ft. for Z 3 - G Jo,- }}f d and ftj. for G [[bj }}f d (j = 1, . . . , m), as in 
the previous proposition, and ft = ft t U (Uj=i ^ij) u (Uj=i ^%)' Obviously, 
7^(.4) Q A and A^K t , M-Ri . , Mn[ E Mn- If we define the context C[[ X} = 
X Uft it can be proved that Ob(&lV}]) / 06(C*[[Q]]). In fact, as it will be 
shown, t G f M °l a 11 (t), but t ^ n (i). Note that t G f T ^ M ^){t) because 

ielC and *i n[[6,]]^-, and fr a {Mn)Q = f r Q (T^ ))(J) Q 

flaunt) (t) = j M c[[Q]]{t) because T Ql T n C T SuK , so t G /^isifi). But 
7^jjpj(±s) E -4, for all k > 0, because it is trivially true for k — and if we 
assume 7^ p j (J-s) E .4 then, by the monotonicity of Tpj p j and the properties 

of ft, r*+^(± E ) = Tc tt 7»i(^ I7J] |(-Ls)) e r cm (.A) = r P (^)ur K (i) c ^ 

and thus, M C [[ v ]] E A As t /•*(*) also i ^ /^cj v 1 (t). □ 
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7 A Compositional and Fully Abstract Seman- 
tics 



The fact that the consistent term model semantics is fully abstract but not 
compositional wrt the deletion of a subsignature means that this semantics is 
more abstract than necessary. We need a finer semantics but not as fine as 
the T-semantics. One way of obtaining such a semantics is by increasing the 
number of pre-fixpoints (related to the T-operator) to be considered when we 
compare two programs, and, in order to obtain compositionality wrt the deletion 
operation, we may consider the consistent term models of all programs obtained 
by deleting a subsignature. With this idea we define the following equivalence 
between programs 

Definition 7.1 (Deletion equivalence) For programs V and Q, we define 
the deletion equivalence as 

V= D Q & def Va C FS-£ ■ (V\a = CM Q \ a). 

This equivalence is finer than the consistent model equivalence and coarser than 
the equivalence induced by the T-semantics. In fact, V =jj Q implies V =cm Q 
because this relationship coincides with V \ <ro =cm Q \ o~o, where cto is the 
empty signature. And if V =t Q, or equivalently Tp = Tq, it can be proved 
that fv\a = Tq\u, for all & C FSz, and then V\cr =cm Q\c, f° r all °~ Q FS^, 
which isV=d Q- The deletion equivalence is compositional wrt all operations. 

Theorem 7.2 (Compositionality of =d) For all programs V, Q,Vi, Qi, 

1. V = D Q implies Ob(P) = Ob(Q). 

2. V t = D Qi for i = l,2, implies V x U V 2 =d Qi U Q 2 - 

3. V =d Q implies V =d Q , for every signature a C FS^,. 

4- V =d Q implies V \a =jj Q\o~, for every signature a C FSs. 

5. V =d Q implies p(V) =d p(Q)> f 0T every function symbol renaming p. 
Thus, the equivalence =r> is compositional wrt (Ob, {U, (•) , (•) \ a, p(-)})- 
Proof. 



1. Trivial because V =d Q implies V \ ctq =cm Q \ 0o, for the empty 
signature a Q , so V = C m Q and Mv = Mq or Ob(P) = Ob(Q). 

2. Pi = D Qi implies V l \a = C m Qi\&, for all a C FSx, and Vi\a =cm Qi\<J 
(i = 1,2) implies (Vi\o-)U(r 2 \o-) =cm (Qi\(t)U{Q 2 \(t), by Theorem |oTlT|(g). 
But, by Proposition P^U), {Vi UV 2 )\o-= (Vy \ a) U {V 2 \ <r). So V l = D Q u 
for i = l,2, implies (P 1 UV 2 )\cr = C m (Qi U Q 2 ) \ a, for all a C FS S , which 
means Ti U V 2 = D Qi U Q 2 . 
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3. V= D Q implies V =cm Q- By Theorem [s7TT|C 3), this implies V° Xa 
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Q a ^ c , for all signatures a, a' C FSs. And, by Proposition |4.13] (5), = 
V \cr'. Thus, V =d Q implies V \a' =gm Q \o~', for all signature a' C FSs, 
which is T 3 =b S . 

4. By definition, V = D Q implies P \Ja U <r') = CM Q \ (cr U a 7 ), for all 



signatures ct,<t' C FS s . By Proposition |4.13|(g), V \ (a U ct') = (V \ a) \ a'. 
Thus, V = D Q implies (V\a)\ a' = CM {Q\cr)\a', for all <r' C FSs, which is 

5. Given a function symbol renaming p and a signature er C FS^, let 
cr p be the signature {/ £ FSs | p(f ) 6 cr}. By definition, V =d Q implies 
V\a p = C M Q \ o> By Theorem |B this implies p(P \ a p ) = C m p{Q \ o>). 

It can also be proved easily that p(V \ a p ) = p(V) \a. So, V =u Q implies 
p{T) \ a = C M p(Q) \ cr, for all a C FS* S , which means that p(V) = D p{Q). □ 

Theorem 7.3 (Full abstraction of =d) The equivalence =d is fully abstract 
wrt(Ob, {U,(T,(')W(-)}) 

Proof. 

We only need prove that V Q implies that there exists a context where we 
can discriminate the observable behavior of both programs. But V ^rj Q implies 
that there exists a signature a C FS% such that V\a ^cai Q\o~, and this implies 
that there exists a context C'^X]] such that 06(C"[[P \ a J) ^ 06(C"[[ Q\ a J) 
because the equivalence =cm is fully abstract. Thus by considering the context 
C[[X}} = C'[[X\a}} we have that Ob(C[[P}}) ^ Ob(C\Q\). □ 

Definition 7.4 (Deletion semantics) We define the deletion semantics of a 
program V as 

$V} D = {M f/n (V)\f/neFSv}, 

where My/ n ('P) is the set of all consistent term models of the rules of V that 
define f /n. 

The deletion semantics induces the deletion equivalence. 
Proposition 7.5 

V =D Q &def{ V} D ={Q } D 

Proof. 

If V =d Q then, for each f jn E FS^, we have V \ o-f/ n =cm Q \ °~f In for 
°~f/n = i ex p{'P)llexp(Q,j)\{f '/n}, which means M.f/ n (V) — Mj/„(<2), for each 
fjn e FS S ; thus I V } D =$ Q } D . Reciprocally, if$V} D ={Q} D then, for 
each a C FS S , { V\a } CM = f){M f/n (P) \ f/n £ (exp(V)Uexp(Q))\a} (where 
the intersection reduces to CTAlg s when the signature (exp(V) U exp(Q)) \ a 
is empty), and because M.f/ n (V) = Mj/„(Q), for all f/n 6 FSs, we have 
V \ a =cm Q \ o for each o C FS%, and consequently, V =d Q- O 
Thus, the deletion semantics is compositional and fully abstract wrt (0&,{U, 

(T. (o\^p(-)})- 
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8 Introducing Hidden Symbols 



In this section we explore an alternative to modules with an infinite number of 
rules, generated by the closure operation, that also supports local constructor 
symbols. For this aim we will consider a global or visible signature £ and a set V 
of variable symbols together with a new set fl of labels that wc identify with the 
set of module names and module expressions. With this set we obtain a labeled 
signature f2 x E = (Q x DSs , f2 x FSs ) which we will consider as protected or non 
accessible for users and writers of modules, that is, hidden. This signature will 
be only managed by the module system for internal representation of module 
expressions. Pairs (M, /) of ft x S, called labeled symbols, will be denoted by 
M.J. 



As we have seen in Section 4.1 the purpose of the closure of a module is 
to hide the definitions of function symbols, making only their results visible. 
To this aim, the rules of a module are replaced with all (possibly infinite) ap- 
proximations that can be derived from them. But we can obtain an internal 
representation of the closure operation, with a finite number of rules, with the 
aid of labeled symbols, following an idea that appears in || applied to the hiding 
of predicate definitions in logic programs. We go further into this idea applying 
it to deal with local constructor symbols. 

8.1 A Finite Representation of Closure 

Let V =< <7p, er e , TZ > a module of PMod(Ei) with a finite set of rules. We can 
protect its rules translating them to a protected signature by labeling all function 
symbols with the module's name and introducing a bridge rule f(X) — > V.f(X) 
for each function symbol f /n G cr E . In this way we obtain a module V* in the 
signature E_l = (DSs ± , FS^ ± U(f2 x FSs ± )) with an isolated (hidden) part TZh, 
made up of all translated rules, and a bridge part TZb for accessing the isolated 
part, made up of all bridge rules. Obviously with this module we can derive the 
same approximations, for visible function symbols, as with V in every context. 
We will call these modules structured modules to distinguish them from plain 
modules used up to now. In general, a structured module will be a module 

< tip, cr e , TZy U TZb U TZh > 

with a visible parameter signature o~ p , a visible exported signature er e , and a 
set of rules with three — possibly empty — parts, a visible part TZy made up of 
rules only with function symbols in FSs , a hidden part TZh made up of rules 
only with function symbols in Q x FSs, and a bridge part TZb made up of 
bridge rules f{X) — > V.g(X), for any label V G f2, such that each symbol V.g 
has a definition rule in TZh- Also, a e is made up of all function symbols with 
a definition rule in TZy or TZb, and a p is made up of all parameter function 
symbols which appear in TZy . We define union, deletion of functional signature 



and renaming in the same way as we did in Section 4.1, but we will use deletion 
and renaming involving only visible signature, and, instead of closure, we define 
a structured closure for a structured module V =< o~ p ,o~ e ,TZv U TZb U TZh > 
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as the module V* =< %,(j ei TZ* B U 1Z* H > obtained by applying the renaming 
t("P), that transforms each visible function symbol / of TZy and TZb into V.f 
and maintains all labeled symbols, and adding new bridge rules corresponding to 
the function symbols of o~ e . Now, we can define a representation morphism from 
modular expressions made up from finite plain modules to structured modules 
in the following way: 

• l(V) = V, for each finite plain module V; 

• i(V U Q) = t(V) U i(Q), for module expressions V and Q; 

• l(V \ <j) = t('P) \ cr, for each module expression V and visible signature <r; 

• i{p(V)) = p(i(V)), for each module expression V and visible signature 
renaming p\ 

• i(P) = (i(V))* , for each module expression V. 



Example 8.1 Let OrdList and OrdNat be the modules defined in the exam- 



ple 1.15 and 4-11, respectively, and let P be the name of the module i(OrdNat). 
The representation of OrdList U {isnat/ l->isbasetype/ 1} (OrdNat ) will be 
the structured module i(OrdList) U {isnat/l->isbasetype/l}(P*), with the 
following aspect 

<{}, 

{isbasetype/l , leq/2 ,geq/2, insert /2} , 
{ 7, visible rules 

insert (X,G) -> [X] <= isbasetype(X) >< true. 

insert (X, [Y I Ys] ) -> [X|[Y|Ys]] <= leq(X,Y) X true. 

insert (X, [Y I Ys] ) -> [Y| insert (X,Ys)] <= leq(X,Y) >< false. 
'/, bridge rules 

isbasetype(X) -> P. isnat (X). 

leq(X.Y) -> P.leq(X.Y) . 

geq(X.Y) -> P.geq(X.Y). 
7 hidden rules 

P . isnat (zero) -> true. 

P.isnat(succ(X)) -> P. isnat (X). 

P . leq(zero ,zero) -> true. 

P.leq(zero,succ(X)) -> P. isnat (X). 

P . leq(succ(X) ,zero) -> false <= P. isnat (X) >< true. 
P.leq(succ(X) ,succ(Y)) -> P.leq(X.Y). 
P.geq(X.Y) -> P.leq(Y.X). } > 



The behaviour of a structured module V =< a p , a e ,7lv U^bU TZh > wrt the 
visible signature can be expressed with the aid of the algebra transformer 

W P :CTAlg s ^CTAlg s 

defined, for each A, as U-p(A) — T-ji vU -ji b (T^ h (±^) U A)\s, where A is the 
extension of A to an algebra of CTAlg^r obtained by adding functions V. f A 
defined as V-f A (t) = (J_), for each f jn € FSs and Ped, and S|s means the 
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reduct of the algebra B € CTAlgjj obtained by forgetting all functions denoting- 
labeled function symbols. In this expression, Tj£ (A.jt) represents all the infor- 
mation which can be obtained from the hidden rules; this information is added 
to the extended algebra because this information has to be disponible for the 
immediate consequences operator corresponding to the visible and bridge rules 
in order to obtain the approximations for the visible functions. The relation- 
ship, at the semantical level, between program modules and structured modules 
is given in the following theorem. 

Theorem 8.2 For each modular expression £ , made up from finite plain pro- 
grams, and its implementation i{£), we have Tg — U L ^£)- 

Proof. 

This theorem can be proved by induction on the structure of £ . 

(1) If £ is a simple expression (a module name) then l(£)b = = l{£)h 
and U L (£) = T L ( £ ) V {A)\?, = Tg(A) because neither uses nor produces any 
information about labeled signature. 

(2) If £ = V U Q and Tp = U t n>) and Tq = U l (q), by Theorem \5.b\ (a) we 
have T VuQ (A) = T V (A) U Tq(A) = U L ( V) {A) UW t(s) (i). Also, by definition of 
h Ml(vuq) =^t(P)ut(S) an d 

U t,{V)\Jc(Q){A) = ?( l CP) v ,U t (P)B)U((,(Q)vU t (S)B)(^CP) H U t (Q)fr(- L s) U 

By Theorem \5.b\ (a) and taken into account that t{V)n contains all possible 
rules about its (labeled) function symbols and 'T$g\ H (-Lff) only contains relevant 
information about function symbols in l-(Q)hi the expession above is equal to 

T(L{v) v yjL(v) B ){T? {v)H {l-Y,) U-4)|s U T mq)vUl{q)b) (T i ^ q)h {± t: ) U A)\s 

that is, U,(t>){A) UU L{Q )(A). 

(3) If £ = "P/o~, a is a subsignature of visible function symbols, and Tp = 
K(V), by Theorem (c), T v \ a = Tp n T exp ^\ a = U i{v) n T exp(v \\ , and by 
the definition of c, U^-px^A) = U L (p\\ a (A), but again by Theorem 5.t (c), 



^i(P)vUi(P) B )\ir — 1~L(V)vUL(V)B nr ^exp(L(V)vUi(V)B)\iT ~ % (V ) y U l (V) B ^exp(V) \ a > 

because exp(V) = exp{i(V) v U l(V) b )- So, U^-p\ a ){A) = U L (v) n T exp (v)\a- 

(4) If £ = p(V), p is a visible signature renaming, and T-p = U ll r-p\, by 
Theorem \5. b\ (d), T p {p) = T p -ioTpoT p = T p -\oU L (j>\oT p . Also, by definition of 

and, again by Theorem |5.6| (d), the above expression is equal to 

^- 1 (^.(-p)vU t (-p) B (^(^f'P) fJ (^E) U ^)))|s ; 

but T p and T p -i only modify the interpretation of visible function symbols and 
T p (A) = T p {A) and T p -i (B)| s = T p -i (B| E ) for B G CTAlg^. So, the above ex- 
pression is equal to T p -i (T l(v)vUl(v)b (T? [v)h (±^)UT p (A)))\^ = T p -x {U l[v) {T p {A))). 
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(5) If £ = V and T-p = U t rp), by Theorem 5.t (b) %p applies every term 
algebra into 7p (J-e) = U%p\{l.ji), and by the definition of l, = U^-py; 

so, we have to prove U L (py{A) = U%ps(±T,) for all A € CTAlg s . Let i(V) =< 
o-p^e/lZvUKBUKH > andt(P)* =< $,a e ,n* B Ull* H >, where K* B = {f(X) -> 
| f/n e a e } and 7^ = t(V){K v U ft fl ) U K H - For all „4 G CTAlg s , 

K ( vr = r w . u2)| E = r^(T^(± E ))| s , 

because 7^.* only uses information about labeled function symbols and A has 
no information about such symbols, and 



-Sj E, 



and, as and Tu vU n B only produce information about symbol functions 
of a e , we only have to prove 7^(7^(1^)) = (T RvUKfl o (Id U 7^-)) w (± s ). 

But it can be proved that T n% (7^ (±^)) E {Tn v UK B ° (Id U 7^-)) J (± s ) C 

r TC .(r^(±s)) foralH>0. " " □ 

From this theorem we obtain that for two equivalent module expressions 

V and Q (i.e. V and Q have the same components but, possibly, different 
expressions with the operations), U l cp) — Ul(q) although it is possible that t(P) 
differs from i(Q) due to the occurrence of closure operations. Also, the models 
of a program module V will be the pre-fixpoints of U L (p) and we can define the 
visible semantics of structured modules based on this operator. In particular 
we obtain the deletion semantics by considering, for each structured module 

V =< <jp,o- e , IZy U TZb U TZh >, the indexed family of sets of pre-fixpoints of 
Mv\(<Te\f) f° r eacrl / l n € 



8.2 Local Constructor Symbols 

To simplify the theoretical study of programs composition in CRWL-programming, 
and to capture the idea of module as open program, we have assumed that con- 
structor symbols are common to all programs. However, as it was discussed in 
Section |J, this assumption prevents to hide constructor symbols, what is not 
acceptable from a practical point of view. 

We can hide constructor symbols by labeling them as we have done with 
function symbols to protect them against user manipulations. Labeled con- 
structor symbols can only be manipulated in the internal representation of the 
closure of the module corresponding to their label. Outside this module, func- 
tion symbols defined on labeled constructor symbols can only be applied to 
variable symbols or to other function applications that can be reduced to this 
labeled constructor symbols. To realize this idea we only need to modify our 
closure implementation extending it to manage constructor symbols also. So, 
we define closure hiding a subsignature C of constructor symbols for a module 
V as a (non plain) module Vc such that l{Vc) — Vq where Vq is obtained as 
V* but now the renaming t(V) also transforms each visible constructor symbol 
c of C into V.c. 
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Example 8.3 Let us suppose a module LNat for lists of natural numbers which 
exports the function symbols isnat/l, _<_/2 and _++_/2, and consider the fol- 
lowing module for binary search trees of natural numbers where tree constructors 
nil/0 and mktree/3 are used. 

BST = 

<{isnat/l, _<_/2, _++_/2}, {empty/0, insert/2, inorder/1}, 
{empty -> nil . 
insert (N, nil) -> mktree(N,nil,nil) <= isnat(N) >< true . 

insert(N,mktree(M,Tl,T2)) -> mktree (M,T1 ,T2) <= N >< M, isnat(N) >< true . 
insert (N.mktree (M,T1 ,T2) ) -> mktree (M, insert (N,T1) ,T2) <= N<M >< true . 
insert(N,mktree(M,Tl,T2)) -> mktree (M,T1 , insert (N,T2) ) <= M<N >< true . 
inorder (nil) -> [] . 

inorder(mktree(M,Tl,T2)) -> inorder (Tl)++ [Ml inorder (T2)] <= isnat(M) >< true . }> 

We may hide the tree constructors by considering (LNat U BST)^^ mktree} * 

This 

module will have the following representation: 

<{}, {isnat/l, _<_/2, _++_/2, empty/O, insert/2, inorder/1}, 
{ . . . 7. bridge rules of LNat 

empty -> BST. empty . 7. bridge rules of BST 

insert(N,Tl) -> BST. insert (N,T1) . 
inorder (Tl) -> BST. inorder(Tl) . 

... 7, hidden part of LNat 

BST. empty -> BST. nil . 7. hidden part of BST 

BST.insert(N,BST.nil) -> BST.mktree(N,BST.nil,BST.nil) 

<= BST.isnat(N) >< true . 
BST.insert(N,BST.mktree(M,Tl,T2)) -> BST. mktree (M,T1 ,T2) 

<= N >< M, BST.isnat(N) >< true . 
BST.insert(N,BST.mktree(M,Tl,T2)) -> BST.mktree(M,BST.insert(N,Tl) ,T2) 

<= N NBST.< M X true . 
BST . insert (N , BST . mktree (M , Tl , T2) ) -> BST . mktree (M , Tl , BST . insert (N,T2) ) 

<= M MBST.< N X true . 

BST. inorder (BST. nil) -> [] . 

BST. inorder (BST. mktree (M,T1,T2)) -> BST . inorder (Tl) BST.++ [M I BST. inorder (T2)] 

<= BST.isnat(M) X true . }> 

And we can use this module, without access to hidden constructor symbols, by 
only using the exported signature and visible constructor symbols, as in the fol- 
lowing module for sorting lists: 

LSort = 

<{empty/0, insert/2, inorder/1}, 
{listTotree/1, lsort/1}, 
{listTotree( [] ) -> empty . 

listTotree( [N|L] ) -> insert (N, list Totree (L) ) . 

lsort(L) -> inorder (listTotree(L)) .} > 

that has to be joined to (LNat U BST) {niIjmfctree} to obtain (LNat U BST) {niJimfctree} U 
LSort. 

The behaviour of a structured module V —< a v ,a e , TZy U TZb U TZh > with 
hidden constructor symbols wrt the visible signature can be expressed with the 
aid of the algebra transformer 

Up: CTAlg s - CTAlg E 



42 



defined for each A as U-p(A) — Tfi v ini B (T^ H (±^) LiA)\s, where now A is the 
extension of A to an algebra of CTAlg nxE obtained by adding functions V.f A , 
defined as V . = (-L), for each f/n G FS's and P G SI, and defining = 
f A (T) where tuple t is obtained from t by changing each term beginning with a 
labeled constructor term for _L, for each f/n G -FSx:, and means the reduct 
of the algebra B G CTAlg nxS obtained by restricting the carrier to CTermi 
and forgetting all functions denoting labeled function symbols. 

Obviously, the representation of the closure wrt the functional signature is 
a particular case of closure hiding a set of constructor symbols when this set is 
empty. 

9 Discussion 

Research in component-based software development is currently becoming a 
very active area for the logic programming community. In fact, we can find sev- 
eral proposals in the field of computational logic for dealing with the design and 
development of large software systems. Other related fields, like functional-logic 
programming are now proving that the integration of logic variables and func- 
tions may increase the expressive power of a programming language. A number 
of attempts are being made in this direction |t5[ |l6) to achieve a consensus on 
the characteristics a functional-logic language has to present. 

The current work tries to contribute to all these efforts by presenting a 
notion of module in the context of functional-logic programming, and by pro- 
viding a number of operations (satisfying some expected algebraic properties) 
expressive enough to model typical modularization issues like export /import re- 
lationships, hiding information, inheritance, and a sort of abstraction. We have 
chosen the Constructor-based Conditional Rewriting Logic |l4j to develop our 
proposal and, in this context, we have explored a rather wide range of seman- 
tics for program modules and we have studied some of their relevant properties, 
in particular, those concerning compositionality and full abstraction wrt the 
observation function Ob(V) = M-p and the set {U, (•) , (•) \a, p(-)} of module 
operations. Although these features are interesting enough from a theoretical 
point of view, they present a special significance when module reusing, mod- 
ule refining or module transforming are involved. The least model semantics, 
{[ • ]} iM > is a fully abstract semantics, which is only compositional wrt {(•) , p(-)}, 
but only for injective function renamings p. On the contrary, the T-semantics, 
{[ • ]} T , is compositional (wrt all operations), but is not fully abstract. The third 
proposal, the loose model-theoretic semantics, {[ ■ ]} M , is also compositional (ex- 
cept for the deletion operation), although the full abstraction property is not 
satisfied. A fully abstract semantics, {[ • may be obtained by considering 

a consistency property on term algebras, which is also compositional wrt the 
union, closure and renaming operations. To recover the compositionality wrt 
deletion we need a finer semantics able to capture the "independent" meaning 
of each function in a module; this is the case of the deletion semantics, {[ • J} D , 
which still is fully abstract and compositional wrt all operations. We have also 
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studied the (T U Id)-semantics,{[ • ]} Tu/ , but we have not included this study in 
this paper because it exhibits the same properties as the T-semantics. Table [j] 
summarizes the properties satisfied by each one of the analyzed semantics. It 
is possible to establish a semantics hierarchy ranging from the model-theoretic 
semantics to the T-semantics on the basis of the following order for the equiv- 
alence relationships induced by these semantics 

=T E =TU/d E =D E =CM E =C 

where they are ordered upon their strength. The T-equivalence relation, =y, is 
the strongest one, and it is contained obviously into the (TUJd)-equivalence rela- 
tion, =Tuid- Taking into account that this equivalence relation is compositional 
but not fully abstract, it will be contained in =d, which is also contained in 
the consistent term- model equivalence, =cm- Obviously, the least term-model 
equivalence, =lm, is the weakest one. 

In order to establish some conclusions about the compositionality and the 
full abstraction of all these semantics, we are going to discuss the information 
exhibited in Tabic In this table, we can observe a sort of dependency between 
fulfilling compositionality/full abstraction and the strength of the equivalence 
relationship defined by the semantics, in such a way that the strongest ones are 
compositional whereas the weakest ones are fully abstract. The best semantics 
must be an intermediate semantics satisfying both properties; in our case, the 
semantics {[■])•£)■ A similar study was already made by Brogi in j?J in the field of 
logic programming, but he did not deal with variables, and avoided the complex- 
ity inherent to the non-ground term algebras. Another difference (apart from 
the context) with respect to the current work is the set of operations we are con- 
sidering, which does not coincide with the set of inter-module operations defined 
by Brogi. One of the most significative operations described by him is the inter- 
section of programs. This operation makes the (TUJd)-semantics compositional 
and fully abstract in a logic programming context. However, the difficult jus- 
tification of this operation in our framework (the functional-logic programming 
paradigm) has inclined us to think in an alternative: the deletion operation. We 
believe that this operation is more natural (as a composing mechanism) than 
program intersection. This has an inconvenience: the (T U /rf)-semantics is not 
fully abstract (although it is compositional) wrt our operations. In fact, the 
intersection of programs is a very powerful tool to distinguish programs (more 
than the deletion operation), and it can be used to delete a single rule, whereas 
our deletion operation only can be used to delete a whole set of rules defining 
a function. Nevertheless, we have found a fully abstract and compositional se- 
mantics, also for the deletion operation, which completes the results provided 
by this work. 
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Table 1: Compositionality (C) and Full Abstraction (FA) 
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